US nuclear weapons agency breached using Microsoft SharePoint hack

The US government agency in charge of designing and maintaining nuclear weapons was among those breached by a hack of Microsoft's SharePoint server software, Bloomberg reported. However, attackers weren't able to obtain any sensitive or classified information, according to an unnamed source with knowledge of the matter.

The breach occurred at the National Nuclear Security Administration, an arm of the Energy Department responsible for producing and dismantling nuclear arms. "On Friday, July 18th, the exploitation of a Microsoft SharePoint zero-day vulnerability began affecting the Department of Energy," a spokesperson told Bloomberg. "A very small number of systems were impacted. All impacted systems are being restored."

The exploit only affects SharePoint for on-premises servers. The Department of energy said it was minimally impacted because it widely uses Microsoft M365 cloud "and very capable cybersecurity systems," the spokesperson added.

Microsoft blamed the attack on state-sponsored Chinese hackers. They reportedly exploited flaws in SharePoint document management software and were able to access and control systems and steal security credentials and tokens. "It's a dream for ransomware operators," Google's Threat Intelligence Group said, adding that the flaw allows "persistent, unauthenticated access that can bypass future patching."

Attackers also accessed the US Education Department and Florida's Department of Revenue, along with government systems in other nations including the Middle East and Europe. Microsoft announced on Monday that it had released a new security patch "to mitigate active attacks targeting on-premises [and not online] servers."

This article originally appeared on Engadget at https://www.engadget.com/cybersecurity/us-nuclear-weapons-agency-breached-using-microsoft-sharepoint-hack-120027770.html?src=rss https://www.engadget.com/cybersecurity/us-nuclear-weapons-agency-breached-using-microsoft-sharepoint-hack-120027770.html?src=rss

Created 8h | Jul 23, 2025, 12:40:14 PM

Other posts in this group

Microsoft backtracks on $80 The Outer Worlds 2 pricing

There's hope that the gaming industry won't follow Nintendo's lead with $80 pricing. (Well, at least not yet.) On Wednesday, Microsoft

Jul 23, 2025, 7:40:05 PM | Engadget

Qi2 25W wireless charging is coming to iPhones and 'major Android smartphones'

The newest version of the Qi2 wireless standard is coming to iPhones and some

Jul 23, 2025, 7:40:04 PM | Engadget

T-Mobile's Starlink satellite service is now available after months of testing

T-Mobile's satellite-to-mobile service is now officially

Jul 23, 2025, 5:20:31 PM | Engadget

Google adds its photo-to-video tech to YouTube Shorts

Google has been putting more AI tools in just about all of its services, and two more are getting the treatment. First up, Google Photos is

Jul 23, 2025, 5:20:29 PM | Engadget

Anker Nebula X1 projector review: The king of outdoor movies, if you can afford it

My dream projector delivers the brightest and sharpest image. But it also has to be easy to move around and set up anywhere — especially outdoors. Anker’s

Jul 23, 2025, 5:20:28 PM | Engadget

Uber will help pair women riders and drivers in the US

Uber has announced that Women Preferences, a feature which will allow women riders to be matched e

Jul 23, 2025, 5:20:27 PM | Engadget

Trump's AI Action Plan targets state regulation and 'ideological bias'

At the start of the year, President Trump announced his

Jul 23, 2025, 5:20:26 PM | Engadget

Techie