Fermilab – Credential Compromise
The Fermilab physics laboratory has taken action to lock down its systems after security researchers found weaknesses exposing documents, proprietary applications, personal information, project details and credentials. Fermilab, which is part of the US Department of Energy, is a world-famous particle accelerator and physics laboratory in Batavia, Illinois. One database the researchers discovered allowed unauthenticated access to 5,795 documents and 53,685 file entries. One entry point led into Fermilab’s IT ticketing system, which displayed 4,500 trouble tickets. Also found was an FTP server that required no password and allowed anyone to log in anonymously. Other impacted systems exposed credentials, experiment data and other proprietary information that were stored with no security.
Individual Impact: No sensitive personal or financial information was confirmed as compromised in this incident, but the investigation is ongoing.
Customers Impacted: Unknown
Get In Touch
Share On Social Media
Other Recent Blog Articles
Apple Addresses Critical Zero-Day Vulnerabilities Affecting Intel-Based Macs
Apple has addressed two critical zero-day vulnerabilities that were actively exploited by attackers to target Intel-based Macs. The flaws resided in macOS Sequoia’s JavaScriptCore (CVE-2024-44308) and WebKit (CVE-2024-44309) components. The…
Read MoreElevating Small Businesses, One Tech Solution at a Time
PDX IT Services, led by industry veteran Steve Shaff, is dedicated to rescuing small businesses from IT chaos. With over 25 years of experience working with Fortune 500 companies and…
Read MorePart 2 with our special guest Victoria Dean – Story Time with Victoria Dean
Join us for Part 2 of our Breaking Down I.T. podcast as we sit down with Victoria Dean, a seasoned IT professional from TAK Consulting. In this episode, we dive…
Read More