- US Air Force investigating SharePoint -overpowering that reveals PII and Phi across its systems
- Chinese bound groups utilized SharePoint error
- Microsoft and US authorities actively investigate the extent and impact of the violation
The US Air Force is reportedly investigating a potential data violation caused by a Microsoft SharePoint question.
A report from Registered revealed the Air Force Personal Center Directorate of Technology and Information issued a data violation message shared on social media.
“This message is to inform you of a critically personally identifiable information (PII) and protected health information (phi) exposure related to USAF SharePoint permissions,” the warning reads. “As a result of this violation, all USAF SharePoints will be blocked the Air Force to protect sensitive information.”
Big names
Registered Reported Microsoft teams and Power Bi -Dashboards should also be blocked as they have access to SharePoint, but this information is uncommon at this time.
“The Department of Air Force is aware of a privacy -related question,” a spokesman for the Air Force said Registered.
Further information out there is barely right now, with little information about who the threat actors are and what they were looking for to achieve.
Obviously, most fingers are now pointed to China after reports in early July 2025 that Microsoft had confirmed three Chinese-affiliated hacking groups that exploited on-premist SharePoint servers.
The groups, called Linen Typhoon, Violet Typhoon and Storm-2603, targeted deficiencies that enabled approval compass and remote code execution that enabled them to steal sensitive data such as machine information.
These exploits affected at least two US federal agencies and several other organizations globally. The situation is actively investigated by both Microsoft and US authorities.
However, we should also not forget Russian state-sponsored groups that have the skills and infrastructure to pull off this kind of attack, and have also done so in the not too distant-made.
Earlier, Microsoft faced the US government fire over its relaxing cyber security method, which even forced it to change how it worked – let’s see if it’s this time it’s different.
