A top US nuclear energy testing facility has been hit by a serious cyberattack and data breach
The Idaho National Laboratory (INL), a U.S. government nuclear research center dedicated to the development, demonstration, and deployment of nuclear energy, has confirmed that it has suffered a cyber attack and data theft.
Speaking to local media outlet East Idaho News, INL spokesperson Lori McNamara said the data breach affected servers “in support of the Oracle HCM system, which supports its Human Resources applications.” BleepingComputer reports. “INL has taken immediate action to protect employee data,” McNamara added.
“INL has been in contact with federal law enforcement agencies, including the FBI and the Department of Homeland Security’s Cyber Security and Infrastructure Security Agency, to investigate the extent of data impacted by this incident.”
Announcing the infringement
At the same time, hacktivists SiegedSec took responsibility for the attack and leaked the stolen data on the Telegram channel. The group is reportedly not interested in paying ransoms or anything like that. The published data includes employee names, dates of birth, email addresses, phone numbers, Social Security numbers (SSN), mailing addresses and employment information for “hundreds of thousands” of people. Not only is this sufficient for identity theft or phishing attacks, this information can also be used for wire fraud.
SiegedSec also posted screenshots of the tools INL reportedly uses internally to access documents and make announcements. An amended announcement was even made and all employees were informed of the data breach.
The INL has more than 5,000 employees, including experts in atomic energy, integrated energy and national security.
According to BleepingComputer, INL is currently working on next-generation nuclear power plants, light water reactors, cybersecurity of control systems, advanced vehicle testing, bioenergy, robotics, nuclear waste processing and more.
We last heard of SiegedSec in February of this year, when it leaked sensitive data of Atlassian employees. In that incident, the group used stolen credentials to access Envoy, a third-party app that Atlassian uses to coordinate internal resources.