File shared in OneDrive delivered to undesignated account

Question

Users in our organization have reported that files they shared are showing up in an account they did not share the file with.

In one case, when collecting information on the occurrence, the file was NOT showing 2 of the people who the file had been shared with. These folks had already viewed the file. For this file, the "shared with" view did list the account that the staffer had not shared the file with, and OneDrive did not give the option to stop sharing with that account, but did allow us to stop sharing the file altogether.

It seems that multiple people are noticing their shared files are getting shared to a department account even though the staff are granting direct access to specific accounts (but not the department account).

I have investigated and dismissed some operator errors such as being logged into the wrong account or clicking too quickly and selecting the wrong account by accident.

4 different staff have reported that they used the share function and the file was received by the intended personnel but that after discovering it had also been received by a department account, the intended personnel were not listed as having the file shared with them but the department account was listed.

This seems like more than a coincidence or simple OE due to the fact that it has happened to 4 staff all within the past few weeks and has never happened before.

Any guesses? OneDrive glitch? file fay? data imp?

Answer 1

@LizzieLibraryITAsst

Based on your description, I have some questions as below.
-How did you share the files?
-Are these shared files forwarded by the intended users to other account?
-What is the sharing access you set?

Please sign in OneDrive admin center with admin account to check the sharing level settings in Sharing.

Besides, you could refer to “See who a file is shared with in OneDrive or SharePoint”, steps in it may be helpful to manage access.

Any updates, please let me know.

---

If an Answer is helpful, please click "Accept Answer" and upvote it.
Note: Please follow the steps in our documentation to enable e-mail notifications if you want to receive the related email notification for this thread.

Answer 2

The files are being shared via OneDrive. The staff are clicking the share icon in OneDrive or in Word or Excel, then adding the accounts they wish to have direct access to the file.

The files are not being forwarded. While investigating, I saw that direct access had been granted to an unintended account. In 4 incidents, by 4 different users, 4 different files got shared to the same unintended account. It is the only commonality.

Staff have been granting view & Edit permission, but since this has been reported, I'm recommending all staff share with view only as the default unless edit permissions are needed.

Our organization level permissions are mostly set to the default with only a little tweaking to control sharing outside our organization.

As to the "see who the file is shared with" feature, it was while investigating that I discovered a file was in fact shared with the unintended account. That was also how I discovered that the file was not showing as being shared with accounts who had access in OneDrive and were able to view it under "Files Shared with Me" tab.

Initially, I had assumed it was all operator error, but there seems to be too many coincidences for me to continue with this assumption. (i.e. 4 different files, shared by 4 different users, all ended up shared to the same department account and all not showing the other accounts they were shared with, only the department account.)

Thank you for your time