- The US Air Force investigates the violation of SharePoint exposing Pii and Phi in its systems
- Groups linked to Chinese exploded SharePoint failures
- Microsoft and the United States authorities are actively investigating the scope and impact of violation
According to reports, the United States Air Force is investigating a possible data violation caused by a Microsoft SharePoint problem.
A report from The registration He revealed that the Directorate of Technology and Information of the Air Force Personnel Center issued a notification of shared data violation on social networks.
“This message is to inform you about a critical exhibition of Personal Identification Information (PII) and Protected Health Information (PHI) related to USAF SharePoint permits,” says the warning. “As a result of this violation, all the USAF sharepoints will be blocked throughout the Air Force to protect confidential information.”
Great names
The registration Informed Microsoft equipment and Power BI panels must also be blocked as they access SharePoint, but this information is not confirmed at this time.
“The Department of the Air Force is aware of an issue related to privacy,” said a Air Force spokesman The registration.
At this time, more information, with little information about who are the threat actors and what they wanted to achieve.
Obviously, most of the fingers are now being indicated to China, after reports in early July 2025 that Microsoft had confirmed that three piracy groups affiliated with the Chinese exploited vulnerabilities on SharePoint servers in the former.
The groups, called Lino Typhoon, Typhoon Violet and Storm-2603, directed failures that allowed the authentication bypass and the execution of remote code, which allowed them to steal confidential data such as the information of the short AMES machine.
These exploits affected at least two US federal agencies and many other organizations worldwide. The situation is actively investigated by the authorities of Microsoft and the United States.
However, we should not forget the groups sponsored by the Russian State, which have the skills and infrastructure to extract this type of attack, and we have also done so in the past not too distant.
Previously, Microsoft faced the United States government fires on its lax cyber security approach, which even forced him to change the way he worked; Let’s see if this time is different.
