IT Vulnerabilities Impact Three Units in North Rhine-Westphalia's Sharepoint System
In a recent development, three universities in North Rhine-Westphalia (NRW)—Heinrich-Heine-University Düsseldorf, Ruhr-University Bochum, and University of Paderborn—experienced security issues with their IT systems on July 24, 2025, at 18:48. The affected servers were those for Microsoft's Sharepoint program for file sharing.
The security issues were linked to serious weaknesses in SharePoint software, as reported by various cybersecurity sources. These weaknesses could potentially lead to unauthorized access and data leakage, remote code execution, cross-site scripting and cross-site request forgery, privilege escalation, and data loss or corruption.
However, it's important to note that no sensitive data has been stolen during these security breaches, as confirmed by both the universities and the Ministry of Science. The servers have been shut down in the meantime, and the forensic investigations into the security breaches have been completed.
The affected universities are taking necessary measures to address the vulnerabilities. Recommended solutions typically involve applying the latest security patches provided by Microsoft for SharePoint promptly, regularly reviewing and tightening user permissions, hardening SharePoint settings, limiting SharePoint server exposure, deploying Web Application Firewalls and endpoint protection, educating university staff about phishing and security best practices, and having protocols ready to detect and respond to attacks quickly.
Despite initial estimates suggesting it could take up to two weeks to get the system running again, a spokesperson for the university has confirmed that the problem has now been fixed. The student portal of the Heinrich-Heine-University, which was reportedly down due to the incident, is currently not functional for submitting final theses via the student portal. Students are advised to send their theses by email instead.
The universities are urged to conduct detailed forensic analysis and collaborate with security experts and Microsoft support to ensure the security of their systems moving forward. As the situation evolves, we will keep you updated on any further developments.
The cybersecurity technology community is abuzz with discussions about the recent cybersecurity issues experienced by three general-news universities in North Rhine-Westphalia (NRW), which involved the servers for Microsoft's Sharepoint program used for file sharing. These issues were found to stem from potential vulnerabilities in SharePoint software, leading to concerns about unauthorized access, data leakage, remote code execution, cross-site scripting and cross-site request forgery, privilege escalation, and data loss or corruption. Despite no sensitive data being stolen, the affected universities are now taking measures to strengthen their cybersecurity, including applying security patches, reviewing and tightening user permissions, hardening SharePoint settings, limiting server exposure, deploying Web Application Firewalls and endpoint protection, educating staff about security best practices, and having quick response protocols in place.
