Apparently, attackers sent phishing emails to some 573 lab employees that were disguised to look like they came from the lab's HR department and claimed there were some benefits-related changes. Some employees clicked on the link, which resulted in an information-stealing malware program being downloaded on their systems. Attackers were attempting to pilfer technical data from lab's systems and send it to an external system.
According to knoxnews.com, ORNL Director Thom Mason says the malware program exploited a zero-day vulnerability in Internet Explorer. However, damage seems to have been minimal. Barbara Penland, ORNL's director of communications, says whoever was behind the attacks managed to steal less than 1GB of data.