A major security incident involving Microsoft’s SharePoint platform has affected approximately 400 organizations worldwide, according to new findings by Dutch cybersecurity firm iSecurity.
The updated figure, four times higher than earlier estimates, was determined through digital scans of publicly exposed servers running outdated or unpatched versions of SharePoint.
The figure represents a significant jump from earlier estimates of around 100 affected entities and highlights the expanding scale of the breach. The company reached the revised estimate after analyzing digital forensics data from vulnerable SharePoint servers.
“This number is likely an undercount,” said Vaisha Bernard, Chief Exploitation Researcher at iSecurity. “Not every attack leaves behind clear traces, so the real scope could be even wider.”
The attack followed Microsoft’s failure to fully patch a critical vulnerability in SharePoint, its enterprise collaboration platform. The flaw allowed threat actors to infiltrate unprotected servers, prompting a wave of cyber intrusions.
Microsoft, along with Alphabet-owned Google, previously confirmed that Chinese state-linked hacking groups were among those exploiting the vulnerability. Beijing has denied any involvement.
iSecurity was one of the first organizations to flag the breach, which has since drawn attention from government agencies and private-sector security teams worldwide.
The escalating number of affected entities has sparked concerns over the speed and completeness of Microsoft's security response, as well as the broader vulnerabilities within enterprise cloud infrastructure.
“This kind of exposure shows how one unpatched vector can cascade into hundreds of breaches across critical systems,” Bernard added.
Microsoft has since issued updated guidance and urged administrators to immediately apply the latest security patches to all SharePoint environments.
Follow the latest news on Google News
