- A major cyberattack has targeted Microsoft SharePoint servers, reportedly impacting at least two US government agencies and hundreds of other organisations globally.
- Hackers may have stolen sensitive data, including passwords and cryptographic keys, from connected Outlook and Teams accounts, although cloud-based services were not compromised.
- The identity of the perpetrators is unknown, but some of the targets included a US state legislature, institutions in China, a local government agency in Spain, and a university in Brazil.
- The vulnerability exploited was inadvertently revealed after Microsoft issued a fix for a similar SharePoint flaw earlier this month.
- Microsoft has released one patch, with two more SharePoint versions awaiting custom fixes, and the FBI is currently investigating the incident.
IN FULL