More than 100 organizations in various parts of the world have been hit by a significant cyberattack. The attack revealed a big vulnerability in Microsoft SharePoint, which is used by many to upload and share documents.
This flaw was not known before. That made it easier for hackers to slip in quietly.
The breach began last week and quickly spread. Hackers used the weakness to get into the systems of large organizations. These include U.S. federal and state agencies, energy companies, universities, and government offices across Europe and South America.
One university in Brazil and a local government office in New Mexico have confirmed they were affected. But many others are staying quiet, likely for privacy and safety reasons.
A spokesperson from the New Mexico office said, “We were locked out of several public documents. These files were meant to be available to our residents. It’s been frustrating.”
This attack only affects organizations running SharePoint on their servers. People using SharePoint through Microsoft 365 at home or in small businesses are not affected.
So What Did the Hackers Do?
They were able to view sensitive files. In some cases, they deleted documents. They also stole digital keys, special codes that can let them back in even after the systems are patched.
In one case, a staff member at the Brazilian University said, “We lost access to several research papers. We’re still trying to understand what was taken.”
Microsoft confirmed the attack. The company is now working with cybersecurity officials to fix the issue.
They have released updates to fix the problem for some versions of SharePoint. But not all versions have a fix yet. That means many systems are still exposed.
Experts are advising organizations to take these measures:
- In case there is an update, install it immediately. If not, disconnect the SharePoint server from the internet to stay safe until a fix is ready.
- Cybersecurity teams also suggest changing all passwords and digital access keys. It’s also important to check system logs for anything strange, like unknown logins or missing files.
The FBI and cyber teams from Canada, Australia, and several European countries are now involved. Right now, no one knows who is behind the attack. No hacker group has claimed responsibility so far.
This breach has caused real concern. Microsoft SharePoint is used by many for sharing and storing important documents. When something like this happens, it can disrupt work and break trust.
If your organization uses SharePoint on its servers, it’s time to act. Talk to your IT team. Make sure everything is updated.
This attack does not impact the small version of SharePoint. Still, this event is a strong reminder that even trusted tools can be targets. And acting quickly can help stop the damage.
Related: Samsung Introduces The First Transparent MicroLED Screen At CES 2024