Microsoft servers hacked by Chinese-linked hacker groups have raised serious cybersecurity concerns. The attackers exploited vulnerabilities in on-premises SharePoint servers, targeting sensitive business data, while cloud-based Microsoft services remained unaffected.
The company identified three groups — Linen Typhoon, Violet Typhoon, and Storm-2603 — as the primary attackers. Microsoft released security patches and urged all SharePoint server users to install them immediately.
Microsoft Servers Hacked – How the Attack Unfolded
Hackers sent malicious requests to SharePoint servers, enabling them to steal cryptographic keys and access confidential business data. Microsoft warned that these attackers will continue to target systems without the latest security updates.
Security experts described the attack as widespread and aggressive. The hackers launched their campaign before Microsoft could release the patches, increasing the severity of the breach.
Global Impact of the Microsoft Data Breach
Charles Carmakal, Chief Technology Officer at Mandiant Consulting (a Google Cloud company), confirmed that several organizations worldwide suffered breaches. Governments and businesses using on-premises SharePoint servers were the primary targets. Microsoft servers hacked.
The attackers stole encrypted materials and later used them to maintain unauthorized access to critical data. Carmakal stressed the scale of the attack, calling it one of the most opportunistic breaches observed recently.
Linen Typhoon and Violet Typhoon Behind Microsoft Servers Hacked
For over a decade, Linen Typhoon has focused on stealing intellectual property from organizations tied to defense, strategic planning, and human rights. Violet Typhoon has targeted espionage efforts against former government officials, NGOs, think tanks, educational institutions, and financial and healthcare sectors across the US, Europe, and East Asia.
Microsoft also linked Storm-2603 to the attacks and believes it operates from China.
Microsoft’s Security Response to the SharePoint Hack
Microsoft deployed urgent security patches to close the exploited vulnerabilities. The company continues investigating other threat actors who may use the same weaknesses. It strongly recommends that organizations apply the latest updates and monitor their servers for unusual activities. Microsoft servers hacked
