diff --git a/src/pkg/services/m365/sites.go b/src/pkg/services/m365/sites.go
index 439f53616..a70553208 100644
--- a/src/pkg/services/m365/sites.go
+++ b/src/pkg/services/m365/sites.go
@@ -114,22 +114,26 @@ func ParseSite(item models.Siteable) *Site {
 
 	if item.GetDrive() != nil &&
 		item.GetDrive().GetOwner() != nil &&
-		item.GetDrive().GetOwner().GetUser() != nil {
+		item.GetDrive().GetOwner().GetUser() != nil &&
+		// some users might come back with a nil ID
+		// most likely in the case of deleted users
+		item.GetDrive().GetOwner().GetUser().GetId() != nil {
 		s.OwnerType = SiteOwnerUser
 		s.OwnerID = ptr.Val(item.GetDrive().GetOwner().GetUser().GetId())
-	}
+	} else if item.GetDrive() != nil && item.GetDrive().GetOwner() != nil {
+		ownerItem := item.GetDrive().GetOwner()
+		if _, ok := ownerItem.GetAdditionalData()["group"]; ok {
+			s.OwnerType = SiteOwnerGroup
 
-	if _, ok := item.GetAdditionalData()["group"]; ok {
-		s.OwnerType = SiteOwnerGroup
+			group, err := tform.AnyValueToT[map[string]any]("group", ownerItem.GetAdditionalData())
+			if err != nil {
+				return s
+			}
 
-		group, err := tform.AnyValueToT[map[string]any]("group", item.GetAdditionalData())
-		if err != nil {
-			return s
-		}
-
-		s.OwnerID, err = str.AnyValueToString("id", group)
-		if err != nil {
-			return s
+			s.OwnerID, err = str.AnyValueToString("id", group)
+			if err != nil {
+				return s
+			}
 		}
 	}
 
diff --git a/src/pkg/services/m365/sites_test.go b/src/pkg/services/m365/sites_test.go
index de67a6de2..b23d84226 100644
--- a/src/pkg/services/m365/sites_test.go
+++ b/src/pkg/services/m365/sites_test.go
@@ -61,6 +61,34 @@ func (suite *siteIntegrationSuite) TestSites() {
 	}
 }
 
+func (suite *siteIntegrationSuite) TestSites_GetByID() {
+	t := suite.T()
+
+	ctx, flush := tester.NewContext(t)
+	defer flush()
+
+	acct := tconfig.NewM365Account(t)
+
+	sites, err := Sites(ctx, acct, fault.New(true))
+	assert.NoError(t, err, clues.ToCore(err))
+	assert.NotEmpty(t, sites)
+
+	for _, s := range sites {
+		suite.Run("site_"+s.ID, func() {
+			t := suite.T()
+			site, err := SiteByID(ctx, acct, s.ID)
+			assert.NoError(t, err, clues.ToCore(err))
+			assert.NotEmpty(t, site.WebURL)
+			assert.NotEmpty(t, site.ID)
+			assert.NotEmpty(t, site.DisplayName)
+			if site.OwnerType != SiteOwnerUnknown {
+				assert.NotEmpty(t, site.OwnerID)
+				assert.NotEmpty(t, site.OwnerType)
+			}
+		})
+	}
+}
+
 func (suite *siteIntegrationSuite) TestSites_InvalidCredentials() {
 	table := []struct {
 		name string