The US National Nuclear Security Administration (NNSA), the agency responsible for maintaining and developing the nation's nuclear weapons repository, was compromised in a massive hacker attack on Microsoft's SharePoint web document management platform, Bloomberg reported, citing sources.
People familiar with the matter said no confidential or classified information was stolen in the attack on NNSA, although other Department of Energy departments were also compromised.
"On Friday, July 18th, the exploitation of a Microsoft SharePoint zero-day vulnerability began affecting the Department of Energy," a department spokesperson said in an email. "The department was minimally impacted due to its widespread use of the Microsoft M365 cloud and very capable cybersecurity systems. A very small number of systems were impacted. All impacted systems are being restored."
Recall that the hacker attack, which was somehow linked to groups affiliated with the Chinese government, affected only those organizations that used on-premises solutions for storing and accessing documents. Microsoft customers who used cloud storage were protected.
NNSA's tasks also include providing the Navy with nuclear reactors for submarines, responding to radiation emergencies, and transporting nuclear weapons throughout the United States. In addition, the agency plays a major role in the fight against terrorism.