
A major cyber espionage operation tied to China recently hacked into the internal communications of the Cuban embassy in Washington D.C. This breach exposes a glaring weak spot in a long-standing geopolitical alliance. Hackers gained unauthorised access to the private email accounts of 68 senior diplomatic figures, which included the ambassador and the deputy chief of mission. The cybersecurity firm Gambit Security publicly disclosed this unprecedented digital intrusion on Wednesday following initial reports from Bloomberg.

The digital infiltration began in January 2026 during a period of immense domestic instability for the Cuban regime. The nation was already grappling with an intense energy crisis after the Trump administration decided to completely halt oil shipments to the island. This diplomatic and economic pressure resulted in catastrophic nationwide blackouts, leaving vast territories without power for up to 25 to 30 hours daily and creating critical blind spots in institutional security.

Exploiting Old Microsoft Exchange Flaws to Access Cuban Intelligence

Digital investigators found that the hackers gained entry by exploiting severely outdated systems at the embassy. The diplomatic mission was still relying on older Microsoft Exchange email servers that were missing basic security updates. These critical weak points had been ignored for at least five years, giving the attackers an incredibly easy path right into their secure networks.

Because of this, the hackers easily accessed entire email archives belonging to top Cuban political strategists and intelligence officials. It is a massive security failure for Havana. Curtis Simpson, the strategy director at Gambit Security, pointed out the broader context of the attack. 'This breach illustrates how global events can fuel cyber activity,' Simpson remarked.

How Leaked Communications Could Affect US-Cuba Diplomatic Talks

The timing and scale of this operation are especially sensitive at present. Cuba and the United States have been in high-level diplomatic talks since February 2026. The negotiations hit a significant milestone recently when the Cuban government agreed to release over 2,000 political prisoners. But now, security analysts are warning that the stolen emails may have exposed sensitive details about those very discussions.

Getting direct access to these sensitive conversations gives Beijing a huge strategic advantage on the world stage. It could allow Chinese intelligence to see where US-Cuba relations are heading without relying on secondhand diplomatic channels. This relationship is highly significant to China at present as it navigates its own complicated dynamic with the United States.

Breaching Venezuelan Government Servers and Global React Development Systems

The hacking campaign did not stop at the Cuban embassy in Washington. During the same period, the same group of Chinese-affiliated hackers executed a coordinated digital strike against the Venezuelan government and its Ministry of Foreign Affairs. This simultaneous intrusion strongly indicates a sweeping regional surveillance operation designed to monitor multiple Latin American governments.

Furthermore, the attackers weaponised a separate software vulnerability found in the widely used React development tool. This secondary exploit allowed them to compromise roughly 5,000 independent servers worldwide in less than a week. Prominent institutional victims of this global sweep included the Texas Department of Health and Human Services and the investment firm Santé Ventures.

Experts Warn of Escalating AI-Powered Threats

This major security incident introduces profound complications into the traditionally cooperative relationship between Cuba and China. Western intelligence reports have long documented the existence of Chinese electronic eavesdropping installations stationed across the Caribbean island at locations such as Bejucal, El Wajay, Calabazar, and El Salao.

While those facilities ostensibly target the United States, this recent cyberattack implies that Beijing is actively monitoring the internal communications of its own strategic partners.

Neither the Cuban diplomatic mission in Washington nor Chinese government representatives responded to immediate requests for comment regarding the espionage allegations. Cybersecurity experts expect these sophisticated state-sponsored intrusions to multiply.

Simpson warned that threat actors are increasingly leveraging artificial intelligence to automate their attacks. 'We talk a lot about new vulnerabilities, but we still haven't addressed the longstanding flaws that enable these attacks,' he cautioned.