US nuclear weapons agency breached using Microsoft SharePoint hack

The US National Nuclear Security Administration, responsible for designing and maintaining nuclear weapons, was among the government agencies breached by a hack of Microsoft's SharePoint server software. However, the attackers were unable to obtain any sensitive or classified information. The breach occurred on July 18th and affected a small number of systems, which have since been restored. The exploit targeted on-premises SharePoint servers, not the Microsoft M365 cloud services used widely by the Department of Energy. Microsoft blamed the attack on state-sponsored Chinese hackers, who exploited vulnerabilities in the SharePoint document management software to gain persistent, unauthenticated access. This flaw also allowed the attackers to steal security credentials and tokens. The breach also affected the US Education Department, Florida's Department of Revenue, and government systems in other nations, including the Middle East and Europe. Microsoft has released a security patch to mitigate the active attacks targeting on-premises servers.