Number of affected in hacker attack on Microsoft servers increased to 400
Kyiv • UNN
The number of companies and organizations compromised by the security vulnerability on Microsoft SharePoint servers has grown to 400. Most of the victims are in the US, including the National Nuclear Security Administration.
The number of companies and organizations compromised by a security vulnerability in Microsoft's SharePoint servers is rapidly growing, with the number of victims increasing more than sixfold in a few days, according to one research firm, writes UNN with reference to Bloomberg.
Details
Eye Security, a Dutch cybersecurity company that detected an early wave of attacks last week, estimates that hackers have compromised about 400 government agencies, corporations, and other organizations. This is more than the approximately 60, according to a previous estimate provided on Tuesday.
The security company stated that most of the victims are in the US, followed by Mauritius, Jordan, South Africa, and the Netherlands. The National Nuclear Security Administration, a US agency responsible for maintaining and developing the nation's nuclear weapons stockpile, was among those affected, Bloomberg previously reported.
These hacking attacks are among the latest serious breaches that Microsoft, at least in part, blames on China, and they occurred amid escalating tensions between Washington and Beijing over global security and trade, the publication writes. The US has repeatedly criticized China for campaigns that allegedly stole government and corporate secrets for decades.
"We estimate that the actual number could be much higher, as there may be many more hidden ways to compromise servers that leave no traces," said Eye Security co-owner Vaishali Bernard in an email to Bloomberg. "This is still evolving, and other opportunistic adversaries continue to exploit vulnerable servers."
Among the organizations compromised by the SharePoint breaches, many work in government, education, and technology services, Bernard said. A smaller number of victims were in countries in Europe, Asia, the Middle East, and South America.
US Treasury Secretary Scott Bessent, who is scheduled to meet with his Chinese counterparts in Stockholm next week for the third round of trade talks, suggested in an interview with Bloomberg on Wednesday that the SharePoint hacking attacks would be discussed. "Obviously, such things will be on the agenda with my Chinese counterparts," he said.
Such security flaws allow hackers to gain access to SharePoint servers and steal keys that enable them to impersonate users or services, potentially allowing deep access to compromised networks to steal sensitive data. Microsoft has released patches to fix the vulnerabilities, but researchers have warned that hackers may have already established a foothold on many servers.
On Tuesday, Microsoft accused Chinese state-sponsored hackers, known as Linen Typhoon and Violet Typhoon, of involvement in the attacks. Another China-based hacking group, which Microsoft calls Storm-2603, also used them, according to the company.
As Bloomberg previously reported, hackers also exploited SharePoint flaws to breach systems belonging to the US Department of Education, the Florida Department of Revenue, and the Rhode Island General Assembly.