Cyber Incident Victim: Fermi National Accelerator Laboratory

Date: Jul 2025

Location: United States of America

Summary

Attackers attempted to exploit a recently disclosed Microsoft SharePoint vulnerability to gain access to the systems of Fermi National Accelerator Laboratory, but were detected quickly and blocked before any sensitive or classified data could be accessed. The incident was part of a broader campaign that targeted numerous state, local and federal entities using the same flaw, with officials reporting minimal impact and confirming that no breach of confidential information occurred at the laboratory.

Description

In July 2025, a series of cyberattacks exploited a recently disclosed vulnerability in Microsoft SharePoint software, affecting numerous organizations across the United States. According to the nonprofit Center for Internet Security, more than 90 state, local, tribal, and territorial government entities were targeted in the campaign. Cybersecurity firm Eye Security reported that the wave of hacks had claimed at least 400 victims, with multiple federal government agencies among those impacted and new victims being identified daily. The Center for Internet Security noted that, despite the broad targeting, none of the incidents had resulted in confirmed security breaches at the time of its statement.

In the same week, a spokesperson for one of the U.S. Department of Energy's seventeen national laboratories confirmed that the Fermi National Accelerator Laboratory had been included in the targeting. The spokesperson stated that attackers had attempted to access Fermilab's SharePoint servers but were quickly identified by the laboratory's security team. The impact of the attempt was described as minimal, with no sensitive or classified data being accessed or compromised. The U.S. Department of Energy later characterized the SharePoint-related intrusion as affecting only a very small number of its systems overall.

The available sources do not provide further specifics about the attack's duration or any additional details regarding the laboratory's response beyond the identification of the attackers. The incident remains one of many reported within the broader SharePoint vulnerability campaign that continued to affect governmental and federal entities throughout July 2025. No additional public statements regarding Fermilab's involvement were issued by the laboratory or the Department of Energy beyond the spokesperson's remarks.
