The White House on Sunday raised the alarm over a recent breach in Microsoft Outlook intrusions it says are linked to China.
Spokeswoman Jen Psaki said companies should take it “very seriously.”
“This is an active threat and as the national security advisor tweeted last night, everybody running these servers, government, private sector, academic, needs to act now to patch them.”
CNN separately reported on Sunday that U.S. President Joe Biden was forming a task force to address the hack.
A source told Reuters it's now believed more than 20,000 U.S. organizations had been affected including e-credit unions, town governments and small businesses.
Major companies and federal agencies appeared to have been spared, according to initial findings.
Microsoft has pointed the finger at hackers from China, but Beijing denies its involvement.
The tech company released a patch last week to address flaws in Outlook, its email software, but the remedy can only defend against new hacking attempts.
The White House National Security Council tweeted on Sunday, "Patching and mitigation is not remediation… it is essential that any organization with a vulnerable server take measures to determine if they were already targeted.”
Neither the company nor the White House has specified the scale of the hack.
Microsoft initially said it was limited, but the White House last week expressed concern about the potential for "a large number of victims."
A Microsoft representative said it was working with the government to guide vulnerable clients, as more attacks are expected.