1. Forum
  2. tqwNet
  3. TQW_GENTECH

  • US Air Force investigating data breach caused by Microsoft ShareP

    From TechnologyDaily@1337:1/100 to All on Thu Oct 2 15:15:07 2025
    US Air Force investigating data breach caused by Microsoft SharePoint issue

    Date:
    Thu, 02 Oct 2025 14:03:00 +0000

    Description:
    Personal and health information was apparently stolen but no one knows yet - by whom.

    FULL STORY ======================================================================US Air Force investigating SharePoint breach exposing PII and PHI across its systems Chinese-linked groups exploited SharePoint flaws Microsoft and US authorities are actively investigating the scope and impact of the breach

    The US Air Force is reportedly investigating a potential data breach caused
    by a Microsoft SharePoint issue.

    A report from The Register revealed the Air Force Personnel Center
    Directorate of Technology and Information issued a data breach notification shared on social media.

    "This message is to inform you of a critical Personally Identifiable Information (PII) and Protected Health Information (PHI) exposure related to USAF SharePoint Permissions," the warning reads. "As a result of this breach, all USAF SharePoints will be blocked Air Force-wide to protect sensitive information." Big names

    The Register reported Microsoft Teams and Power BI dashboards should also be blocked since they access SharePoint, but this information is unconfirmed at this time.

    "The Department of the Air Force is aware of a privacy-related issue," an Air Force spokesperson told The Register .

    Further information out there is scarce right now, with little information on who the threat actors are and what they sought to achieve.

    Obviously, most fingers are now being pointed towards China, following
    reports in early July 2025 that Microsoft had confirmed three Chinese-affiliated hacking groups exploited vulnerabilities in on-prem SharePoint servers.

    The groups, called Linen Typhoon, Violet Typhoon, and Storm-2603, targeted flaws that allowed authentication bypass and remote code execution, which enabled them to steal sensitive data such as MachineKey information.

    These exploits affected at least two US federal agencies and numerous other organizations globally. The situation is being actively investigated by both Microsoft and US authorities.

    However, we should also not forget Russian state-sponsored groups, who have the skills and the infrastructure to pull this kind of attack off, and have done so in the not-too-distant-past , as well.

    Previously, Microsoft faced US government fire over its lax cybersecurity approach, which even forced it to change how it operated - lets see if this time it is any different. You might also like NSA says Volt Typhoon was not successful at persisting in critical infrastructure Take a look at our guide to the best authenticator app We've rounded up the best password managers



    ======================================================================
    Link to news story: https://www.techradar.com/pro/security/us-air-force-investigating-data-breach- caused-by-microsoft-sharepoint-issue


    --- Mystic BBS v1.12 A49 (Linux/64)
    * Origin: tqwNet Technology News (1337:1/100)