Performance Issue: Cornell Sharepoint site owners asked to review members
Last Updated:
2025-10-31 08:58:30
Event:
2025-10-30 07:57:00
Status:
Closed
Brief Description:
RESOLVED: SharePoint site owner emails prompted permission reviews by December 1 for sites with more than 25 members. Microsoft Search and Copilot can surface overshared data; limiting permissions is part of CIT’s remediation effort.
User Impact:
N/A
Workaround:
There is no workaround for this issue
Current Status:
All systems are performing as expected
Services Affected:
Collaboration Platforms
Subsites Affected:
Collaboration Tools
Full Description:
RESOLVED: SharePoint site owner emails prompted permission reviews by December 1 for sites with more than 25 members. Microsoft Search and Copilot can surface overshared data; limiting permissions is part of CIT’s remediation effort.
Details:
Unrelated to the October 29 Microsoft Azure/Content Delivery Network portal issues, today’s SharePoint site owner email communications were previously scheduled and could not be subsequently or delayed to a later date. New instructions have been published on the website: https://it.cornell.edu/sharepoint/sharepoint-permissions
Details:
Unrelated to the October 29 Microsoft Azure/Content Delivery Network portal issues, today’s SharePoint site owner email communications were previously scheduled and could not be subsequently or delayed to a later date. New instructions have been published on the website: https://it.cornell.edu/sharepoint/sharepoint-permissions
Teams channels are often linked to a SharePoint site, so individuals who only interact with their group in the Teams channel may not realize their group’s files and other resource are managed in a SharePoint site. Members promoted to co-ownership of their Teams group will receive the same SharePoint site owner email reminder as owners of the more familiar or traditional SharePoint sites associated with projects and individual use.
For SharePoint sites associated with a Teams group, the Teams owners can use their Teams channel to remove members who no longer need access.
SharePoint site owners with more extensive members and multiple site files or folders that may use different permissions will find the email prompt an easy way to access and change permissions.
Microsoft Search and Copilot can surface overshared data, which is driving the permission reviews. Please review and update--as needed--the permissions for SharePoint sites with more than 25 members by December 1, 2025.
For details about the unrelated October 29 Microsoft Azure incident, now resolved, see that alert: https://itservicealerts.hosting.cornell.edu/view/7635
-----
Earlier today, Cornell Sharepoint site owners received unexpected but valid alerts to review site members as part of internal efforts to remediate oversharing of permissions across Microsoft products.
Approximately 900 Sharepoint sites are included in this remediation, and individuals will receive a message for each site they own or co-own.
These email messages may appear as spam or phishing, particularly when individuals own multiple sites.
CIT TDX ID:
2019903
Timeline of Changes
| Description | Current Status | Date | Time |
|---|---|---|---|
RESOLVED: SharePoint site owner emails prompted permission reviews by December 1 for sites with more than 25 members. Microsoft Search and Copilot can surface overshared data; limiting permissions is part of CIT’s remediation effort. Details: Unrelated to the October 29 Microsoft Azure/Content Delivery Network portal issues, today’s SharePoint site owner email communications were previously scheduled and could not be subsequently or delayed to a later date. New instructions have been published on the website: https://it.cornell.edu/sharepoint/sharepoint-permissions Teams channels are often linked to a SharePoint site, so individuals who only interact with their group in the Teams channel may not realize their group’s files and other resource are managed in a SharePoint site. Members promoted to co-ownership of their Teams group will receive the same SharePoint site owner email reminder as owners of the more familiar or traditional SharePoint sites associated with projects and individual use. For SharePoint sites associated with a Teams group, the Teams owners can use their Teams channel to remove members who no longer need access. SharePoint site owners with more extensive members and multiple site files or folders that may use different permissions will find the email prompt an easy way to access and change permissions. Microsoft Search and Copilot can surface overshared data, which is driving the permission reviews. Please review and update--as needed--the permissions for SharePoint sites with more than 25 members by December 1, 2025. For details about the unrelated October 29 Microsoft Azure incident, now resolved, see that alert: https://itservicealerts.hosting.cornell.edu/view/7635 ----- Earlier today, Cornell Sharepoint site owners received unexpected but valid alerts to review site members as part of internal efforts to remediate oversharing of permissions across Microsoft products. Approximately 900 Sharepoint sites are included in this remediation, and individuals will receive a message for each site they own or co-own. These email messages may appear as spam or phishing, particularly when individuals own multiple sites. |
All systems are performing as expected |
2025-10-31 | 08:58:30 |
UPDATE: Unrelated to the October 29 Microsoft Azure/Content Delivery Network portal issues, today’s SharePoint site owner email communications were previously scheduled and could not be subsequently or delayed to a later date. New instructions have been published on the website: https://it.cornell.edu/sharepoint/sharepoint-permissions Teams channels are often linked to a SharePoint site, so individuals who only interact with their group in the Teams channel may not realize their group’s files and other resource are managed in a SharePoint site. Members promoted to co-ownership of their Teams group will receive the same SharePoint site owner email reminder as owners of the more familiar or traditional SharePoint sites associated with projects and individual use. For SharePoint sites associated with a Teams group, the Teams owners can use their Teams channel to remove members who no longer need access. SharePoint site owners with more extensive members and multiple site files or folders that may use different permissions will find the email prompt an easy way to access and change permissions. Microsoft Search and Copilot can surface overshared data, which is driving the permission reviews. Please review and update--as needed--the permissions for SharePoint sites with more than 25 members by December 1, 2025. For details about the unrelated October 29 Microsoft Azure incident, now resolved, see that alert: https://itservicealerts.hosting.cornell.edu/view/7635 ----- Earlier today, Cornell Sharepoint site owners received unexpected but valid alerts to review site members as part of internal efforts to remediate oversharing of permissions across Microsoft products. Approximately 900 Sharepoint sites are included in this remediation, and individuals will receive a message for each site they own or co-own. These email messages may appear as spam or phishing, particularly when individuals own multiple sites. |
All systems are performing as expected |
2025-10-30 | 11:43:44 |
UPDATE: Instructions (for SharePoint site owners receiving emails to review permissions) have been added to a previous IT News story. Earlier today, Cornell Sharepoint site owners received unexpected but valid alerts to review site members as part of internal efforts to remediate oversharing of permissions across Microsoft products. Approximately 900 Sharepoint sites are included in this remediation, and individuals will receive a message for each site they own or co-own. These email messages may appear as spam or phishing, particularly when individuals own multiple sites. |
All systems are performing as expected |
2025-10-30 | 09:31:55 |
Early today, October 30, 2025, Cornell Sharepoint site owners received unexpected but valid email notifications to review the members of their sites as part of internal efforts to remediate oversharing of permissions across Microsoft products. Approximately 900 Sharepoint sites are included in this remediation, and individuals will receive a message for each site they own or co-own. These email messages may appear as spam or phishing, particularly when individuals own multiple sites. Although good hygiene of Sharepoint groups includes removing members that are no longer needed, it is not imperative to take that action today. |
All systems are performing as expected |
2025-10-30 | 08:00:44 |