A widespread cyberattack targeting Microsoft SharePoint servers has impacted multiple organizations in South Africa, including the National Treasury, a major university, and firms in the automotive industry.
According to cybersecurity firm Eye Security, the breach—part of a global wave affecting over 400 entities—exploited vulnerabilities in on-premise SharePoint servers.
While the major incidents, according to Bloomberg’s report, were recorded in the U.S., countries like South Africa, Mauritius, Jordan, and the Netherlands also reported significant intrusions.
In South Africa, the Treasury confirmed the presence of malware within its Infrastructure Reporting Model website but stated that no disruptions to critical systems had occurred. The department is, however, working closely with Microsoft to investigate the breach and secure its infrastructure.
Read Also: Yuan Strengthens to 7.1385 Against Dollar
“We never disclose individual victims,” said Vaisha Bernard, co-owner of Eye Security, “but in South Africa, affected entities include a government department, a car manufacturer, a university, and several local government bodies.”
The nature of the attack, which bypasses the security of locally hosted SharePoint systems, has raised concerns over reliance on on-premise solutions. Microsoft confirmed the attacks are confined to self-managed servers, not cloud-hosted SharePoint services.
Details of the intrusion have been submitted to South Africa’s Computer Security Incident Response Team (CSIRT) for further analysis.
This incident underscores the growing cybersecurity risks facing both public and private institutions and highlights the need for updated security protocols across essential digital infrastructure.
Image Credit: Business Insider Africa
