A spokesperson for the U.S. Department of Energy announced that the department received ransom requests from one of the extortion groups with ties to Russia, targeting two facilities—one for nuclear waste and the other related to scientific education—which were recently affected in a global hacking campaign. The first report of the campaign came in on Thursday, in which data from two entities within the Department of Energy was exposed when hackers exploited a vulnerability in the "MoveIt" file transfer software.
The spokesperson stated that the requests arrived in emails addressed to each facility, but the specific ransom amount was not disclosed. They added, "The requests came individually, not in carbon copy format," and the entities that received the requests did not interact with the hackers, with no indication of the ransom requests being rescinded.
The department, which oversees U.S. nuclear weapons and military-related nuclear waste sites, has notified Congress of the breach and is engaging in investigations with law enforcement and the Cybersecurity and Infrastructure Security Agency. The agency reported that it had not observed any serious impact on the federal executive branch, but it is collaborating with partners regarding the matter.
