Mysterious Bug Is Deleting Microsoft Teams, SharePoint Files
Microsoft SharePoint and Microsoft Teams users report files are missing or moved to the Recycle Bin after the recent Azure Active Directory outage this week.
On Monday, Microsoft suffered a massive outage that affected almost all cloud services, including Microsoft 365, Microsoft Teams, Xbox Live, Exchange Online, Outlook.com, and SharePoint.
Microsoft later confirmed that the outage was caused by a configuration issue in their Azure Active Directory service.Â
SharePoint and OneDrive continue to have issues
Since Tuesday, BleepingComputer has spoken to numerous Microsoft SharePoint administrators bombarded with client calls about missing files in their SharePoint folders.
When the admins look into the issue, they find the SharePoint folder structure to be intact, but all of the files are missing. Eventually, they find that the files have been deleted and are now located in SharePoint’s cloud recycle bin, or in some cases, a local PC’s Recycle Bin.
BleepingComputer first learned about this issue after James Watt, an IT consultant in Pennsylvania, contacted BleepingComputer after getting inundated with clients’ calls about the problem a day after Microsoft’s outage.
After examining his client’s computers, he found that the SharePoint data had been deleted and was now located only in the various Recycle Bins.
As all of the files show the same deleted time, were previously located in a variety of SharePoint folders, and the folder structure remained intact on SharePoint, a user couldn’t have accidentally deleted the data.
Even stranger, when assisting some of his clients, he was finding that the SharePoint data was moved in some cases to the PC’s local Recycle Bin, as shown below.
Also Read: What You Should Know About The Data Protection Obligation Singapore
After speaking to Watt, BleepingComputer found reports regarding the same SharePoint issue and a similar OneDrive issue posted online at the Microsoft community forums and Reddit.
“Today we discovered that we are missing hundreds of files. Strange was, that we were missing only files… folders were there. We found who deleted them (in sharepoints recycle bin) but she claims that she did not delete anything. Because she is newcomer she was browsing through many files and she claims the she found the files she opened in computer’s recycle bin the next morning.”
“Because the files, I’ve seen in her recycle bin, were deleted almost at the same time I would believe her as it would be impossible for a normal user to delete so many files in such a short timeframe. The only way to do that is to delete all folders, but only some files at some folders are deleted,” a SharePoint admin posted to Microsoft’s community forums, looking for help.
Ted Kinczkowski of Harbor Computer Services told BleepingComputer via email that he experienced a similar issue where one of his clients reported that thousands of files were being deleted from SharePoint.
Kinczkowski said he had to change the affected user’s password to prevent the data from being deleted.
After contacting Microsoft about the issue, Watt was told it was related to the Microsoft advisories SP244708 (SharePoint) and OD244709 (OnDrive).
Both advisories are essentially the same and state that local copies of OneDrive for Business or SharePoint files will be restored after initiating a resync.
“Some users may have received some form of notification indicating that their files were deleted; such as a message from OneDrive stating “Remove files from all locations”, or a notice that their files were being removed from their synced folders and placed into a recycle bin.
Impacted users can manually initiate a resync to resolve the problem by restarting their machine. Subsequent file syncs will restore the files to the appropriate local folders.”
The cause for both issues is the same as well – Monday’s Azure Active Directory (AAD) outage.
While each advisory states that the outage has caused local data to become unavailable, neither advisory explains why the files are being deleted from SharePoint’s cloud folders and why users continue to see this happening after the outage has been resolved.
Furthermore, the advisories state that “subsequent file syncs restore the files to the appropriate local folders.” However, admins are not finding this to be the case and have to perform a manual restore.
BleepingComputer has contacted Microsoft about this issue but has not received a reason why this is happening.
Microsoft Teams Free is also affected
To make matters worse, numerous Microsoft Teams Free users report that files shared on their channels are no longer accessible in either the desktop or web client.
“@VDREW we have same issue on Free version of MS Teams. All of our users have lost the files they share with each other within a channel,” a user posted in a help topic on the Microsoft Tech Community.
When attempting to access files, users are shown errors, such as the one below, stating that the file may have been deleted or that the user may not have permission to view it.
Also Read: The Difference Between GDPR And PDPA Under 10 Key Issues
In response to these issues, Microsoft Teams Engineering PM Sam Cosby posted that they are looking into the matter.
“Hi everyone – I just wanted to let you know that I’ve deemed this issue a livesite and have our on-call-engineers looking into this to understand the root of the problem further to hopefully find the cause and resolve as soon as possible. Once I hear back, I’ll let you all know.”
In a later comment posted today, Cosby states that they found the cause for the missing files and would be applying mitigations as soon they can.
Cosby did not share what was causing the users’ files to go missing.
0 Comments