Global hack on Microsoft exposes US agencies, energy giants

Dozens of US government agencies and businesses are under attack following an unprecedented global hack on Microsoft servers.

Authorities are investigating after tens of thousands of SharePoint servers were compromised in the last few days, The Washington Post reports.

The platform is used to share and manage documents. They remain at risk as Microsoft is yet to fix the flaw, per the outlet.

Users are being urged to take the servers offline or make changes to the SharePoint programs to protect themselves.

‘Microsoft has issued security updates and urges customers to apply them,’ stated a spokesperson. ‘Throughout our response, we’ve worked closely with CISA, DOD Cyber Defense Command, and major cybersecurity partners worldwide.’

The cyber attack does not target cloud-based services, such as Microsoft 365, and only impacts those housed within an organization. 

At least two federal agencies have been breached, researchers told the Washington Post although no further details were given.

The breach is classed as a ‘zero day’ attack as it targets a previously unknown vulnerability. 

Dozens of US government agencies and businesses are under attack following an unprecedented global hack on Microsoft servers

Dozens of US government agencies and businesses are under attack following an unprecedented global hack on Microsoft servers

Authorities are currently investigating after tens of thousands of SharePoint servers were breached recently. Pictured: Microsoft Chairman and CEO Satya Nadella

‘We are witnessing attempts to exploit thousands of SharePoint servers worldwide before a patch has been released,’ Pete Renals, a senior manager at Palo Alto Networks’ Unit 42, informed the Washington Post.

‘We have identified dozens of compromised organizations spanning both commercial and government sectors.’ 

The hack is being investigated by the US government in partnership with officials in Australia and Canada. It is not yet clear who is responsible.

The compromised servers frequently connect to vital services such as Outlook email and Teams, sparking fears sensitive data and passwords have been obtained.

Microsoft said the hackers struck after it fixed a similar breach earlier this month by using a similar vulnerability.

‘Microsoft is aware of active attacks targeting on-premises SharePoint Server customers exploiting a variant of CVE-2025-49706 which was addressed in July’s Update Tuesday,’ an alert to users on Saturday read.

 ‘This vulnerability has been assigned CVE-2025-53770. This vulnerability applies to on-premises SharePoint Servers only. SharePoint Online in Microsoft 365 is not impacted. 

‘A patch has been made available to mitigate CVE-2025-53770 in SharePoint Subscription Edition which customers should apply immediately.’

The cyber attack is currently not affecting servers housed on the cloud, such as Microsoft 365 and only impacts those housed within an organization

The cyber attack is currently not affecting servers housed on the cloud, such as Microsoft 365 and only impacts those housed within an organization

Eye Security, a Netherlands-based company, told the Washington Post that the hackers may have gained access to keys which will allow them to hack again even after a fix, known as a patch, is issued.

‘Pushing out a patch on Monday or Tuesday doesn’t help anybody who’s been compromised in the past 72 hours,’ one researcher told the Washington Post.

thE Cybersecurity and Infrastructure Security Agency said it is working with Microsoft. ‘CISA was made aware of the exploitation by a trusted partner and we reached out to Microsoft immediately to take action,’ acting executive assistant director for cybersecurity Chris Butera said.

‘Microsoft is responding quickly, and we are working with the company to help notify potentially impacted entities about recommended mitigations. CISA encourages all organizations with on-premise Microsoft Sharepoint servers to take immediate recommended action.’

The incident is the latest security breach for Microsoft, which was admonished for lapses in 2023 which allowed a Chinese hack of government emails, including those of former Commerce Secretary Gina Raimond.

Last year a cyberattack on SharePoint data also led to millions of Americans’ personal information being stolen by hackers who targeted a heath company.

A total of 4.3m users’ names, addresses, health history and social security numbers to dangerous actors were obtained after the attack on HealthEquity.

Daily Mail has contacted Microsoft for comment. 

This is a breaking news story, check back for updates. 

You May Also Like

Out-of-Town Crowds Blamed for Newport Beach’s Chaotic Fourth of July Blowup

The disorder that swept through Newport Beach over the Fourth of July…

Taco Bell Removes Menu Ingredients as Parasite Outbreak Spreads

Taco Bell has temporarily removed several fresh ingredients from menus at some…

Andy Burnham Eyes No 10 Despite Mandate Questions After MPs’ Vote

Andy Burnham appears set to become Britain’s next prime minister, after Labour…

Who Is Valli Geiger? Maine Democrat Poised to Replace Graham Platner in Senate Race

Maine state Rep. Valli Geiger, a Rockland Democrat who previously worked as…

Student Found Dead Alongside Friend and Dog He Was Pet-Sitting

A University of Alabama student, a male friend and the dog he…

Hospital Runs Out of Antivenom While Trying to Save Father of Three

A Northern California hospital exhausted its entire supply of anti-venom while trying…

Elon Musk Ignites Backlash After Insulting Historian Tom Holland in Woke Culture Row

Elon Musk has branded English historian Tom Holland a “c**k” after entering…

Jeb Bush Applauds Trump’s Iran Crackdown as He Warns Cuba Is the Next Big Threat

WASHINGTON — Jeb Bush praised his former political rival, President Trump, for…

Tyler Robinson Hearing Reveals New Footage of Suspect’s Lover

Heavily redacted police-interview footage involving Lance Twiggs, the transgender romantic partner of…

Caitlin Clark Returns Amid Throat-Punch Controversy, but Fever Fall in Los Angeles

The jumbotron cycled through promotions for wireless providers, healthcare services, credit cards…

Tucker Carlson’s Third-Party Push Is Taking Shape, Mark Halperin Says

Tucker Carlson appears to have caught another bout of Christopher Columbus syndrome.…

Shocking Tyler Robinson Evidence Stuns Courtroom in Dramatic Trial Twist

Prosecutors unveiled what they described as significant new evidence this week, arguing…