A threat actor claims to have breached the Lawrence Berkeley National Laboratory (LBNL), a U.S. government national laboratory focused on scientific research. LBNL is located in California and is operated by the University of California on behalf of the U.S. Department of Energy. The actor alleges the data breach occurred in October 2025, resulting in the compromise of internal files.
According to the actor, the compromised data includes a collection of the laboratory’s source code and internal tools. The allegedly exfiltrated data includes:
- Internal development tools and software libraries
- Source code files, including Python, C++, and various scripts
- Build automation scripts and configuration files for SCons
- Extensive technical design and user documentation files
