- US Air Force investigating the violation of SharePoint exhibiting Pii and Phi through its systems
- China groups have exploited SharePoint FLAWS
- Microsoft and the American authorities actively investigate the scope and impact of the violation
The US Air Force is said to have investigated a potential data violation caused by a problem with Microsoft SharePoint.
A report of The register revealed that the Directorate of Technology and Information of the Air Force Personnel Center has published a notification of data violation shared on social networks.
“This message is to inform you of a critical information of personally identifiable information (PII) and an exposure to health information (PHI) linked to the USAF sharepoint authorizations,” said the warning. “Following this violation, all USAF SharePoints will be blocked on the Air Force scale to protect sensitive information.”
Big names
The register The microsoft teams reported and the Power Bi dashboards should also be blocked because they access SharePoint, but this information is not confirmed at the moment.
“The Air Force Ministry is aware of a privacy problem,” said an Air Force spokesman The register.
More information is rare at the moment, with little information about who are the threat actors and what they have sought to achieve.
Obviously, most of the fingers are now indicated to China, following reports in early July 2025 that Microsoft confirmed that three piracy groups affiliated to the Chinese operated the vulnerabilities in the SharePoint servers on site.
The groups, called flax typhoon, purple typhoon and storm-2603, targeted defects that allowed by authentication and the execution of the remote code, which enabled them to steal sensitive data such as key machine information.
These exploits have assigned at least two American federal agencies and many other organizations around the world. The situation is actively studied by the authorities of Microsoft and American.
However, we must not forget groups sponsored by the Russian state, which have the skills and the infrastructure to achieve this type of attack, and have also done so in the step too far.
Previously, Microsoft faced fire from the American government on its approach to lax cybersecurity, which even forced it to change its operation – let’s see if this time it is different.
