Cyberattack Hits US Lab Contractor, Nuclear Waste Site

A contractor for US national laboratories and a radioactive waste storage site managed by the Department of Energy were among the victims of wide-ranging cyberattack that saw several federal agencies hacked, according to a person familiar with the matter.

(Bloomberg) — A contractor for US national laboratories and a radioactive waste storage site managed by the Department of Energy were among the victims of wide-ranging cyberattack that saw several federal agencies hacked, according to a person familiar with the matter.

A department spokesperson confirmed Thursday that records from two of the agency’s “entities were compromised,” though further details on the extent of the breach couldn’t immediately be determined. Multiple US agencies were compromised by a hacking campaign in which attackers exploited flaws in a popular software tool to gather information from a range of victims.

“DOE took immediate steps to prevent further exposure to the vulnerability and notified the Cybersecurity and Infrastructure Security Agency,” an agency spokesperson said. “The department has notified Congress and is working with law enforcement, CISA, and the affected entities to investigate the incident and mitigate impacts from the breach.”

A contractor for the department’s Office of Science and national laboratories, including Tennessee’s Oak Ridge National Laboratory that conducts nuclear energy research, was among the victims. The Oak Ridge Institute for Science and Education is overseen by the Oak Ridge National Laboratory Site Office, but spokesperson Pam Bonnee said the breached materials had nothing to do with the national lab.

The Energy Department said the lab was not impacted by the attack.

The Energy Department’s Waste Isolation Pilot Plant in Carlsbad, New Mexico, which stores nuclear waste from the country’s weapons thousands of feet underground, was also affected by the attack. The facility’s website was offline on Thursday. A spokesperson at the facility declined to comment.

The US Cybersecurity and Infrastructure Security Agency, a unit of the Department of Homeland Security, confirmed several agencies were affected. Russian-speaking hackers known as Clop have carried out a spate of recent attacks that exploited a vulnerability in MOVEit, a popular file-transfer product, according to the agency.

CISA Director Jen Easterly said the agency is providing support to several federal agencies affected by the MOVEit attack. Easterly said “as far as we know” the hackers are only stealing information stored on the MOVEit file transfer service, and that the intrusions are not being leveraged to gain further access to other parts of networks.

–With assistance from Jeff Stone.

(Updates with comment from Energy Department. A previous version corrected the story to remove reference to uranium for nuclear bombs at Oak Ridge National Laboratory, which the lab no longer produces.)

More stories like this are available on bloomberg.com

©2023 Bloomberg L.P.