Microsoft Server Hack Hits 100 Organizations Worldwide
July 21 – A dangerous Microsoft Server Hack affected nearly 100 organizations in the world . Cybersecurity researchers are warning of a growing cyberespionage campaign. Hackers exploited a zero-day flaw in self-managed SharePoint servers, often used by businesses and government agencies to manage internal files.
Microsoft Issues Urgent Security Alert
Microsoft said over the weekend that there were “active attacks” on SharePoint systems. The breach took advantage of a “zero-day” vulnerability, which means the flaw was not known before. Hackers used it to get into servers and set up backdoors so they could keep an eye on things.
Eye Security Uncovers the Microsoft Server Hack Attack
Eye Security, a company based in the Netherlands, was the first to find the breach. Vaisha Bernard, the company’s main hacker, noticed strange things happening on a client’s server. After that, the company worked with the ShadowServer Foundation to look around the internet. Before the news about the exploit got out, they found almost 100 compromised systems.
“It’s very clear,” Bernard said. “Other hackers might have already put in more backdoors.”
Wide Range of Victims Likely
Authorities have not yet released the names of the organisations that were affected. Experts think that banks, healthcare companies, auditors, factories, and even governments may have been affected, though. It’s likely that some of them are U.S. state-level and international organisations.
Experts Warn of More Attacks
Rafe Pilling from Sophos said the attack seems to come from one group—but that may change. “We’re watching closely,” he said. “Other hackers could take advantage of this flaw fast.”
Microsoft has put out a patch and told people to install it right away. But experts say this might not be enough. If hackers added backdoors before the patch, those systems remain unsafe.
“This isn’t a normal breach,” said Daniel Card from the British cybersecurity company PwnDefend. Even servers that have been patched could still be hacked. “A full forensic check is needed.”
FBI and UK Cyber Center Involved
The FBI and the UK’s National Cyber Security Centre are now tracking the hack. Both have confirmed ongoing investigations.
Over 8,000 servers remain potentially exposed online. Experts are advising companies to act fast—treat servers as compromised, apply patches, and conduct full reviews.
