WASHINGTON, July 23 (Reuters) -

A sweeping cyber-espionage campaign organization centered on

vulnerable versions of Microsoft's ( MSFT ) server software has

now claimed about 400 victims, according to researchers at

Netherlands-based Eye Security.

The figure, which is derived from a count of digital artifacts

discovered during scans of servers running vulnerable versions

of Microsoft's ( MSFT ) SharePoint software, compares to 100

organizations cataloged over the weekend. Eye Security says the

figure is likely an undercount.

"There are many more, because not all attack vectors have left

artifacts that we could scan for," said Vaisha Bernard, the

chief hacker for Eye Security, which was among the first

organizations to flag the breaches.

The spy campaign kicked off after Microsoft ( MSFT )

failed to fully patch a security hole

in its SharePoint server software, kicking off a scramble

to fix the vulnerability when it was discovered. Microsoft ( MSFT ) and

its tech rival, Google owner Alphabet, have both said

Chinese hackers are among those taking advantage of the flaw.

Beijing has denied the claim.

The details of most of the victim organizations have not

yet been fully disclosed. Bernard declined to identify them.