Hacktivists breach U.S. nuclear research lab, steal employee data

 November 21, 2023

The Idaho National Laboratory (INL) confirms they suffered a cyberattack after ‘SiegedSec’ hacktivists leaked stolen human resources data online.

INL is a nuclear research center run by the U.S. Department of Energy that employs 5,700 specialists in atomic energy, integrated energy, and national security.

The INL complex extends over an 890-square-mile (2,310 km2) area, encompassing 50 experimental nuclear reactors, including the first ones in history to produce usable amounts of electricity and the first power plant designed for nuclear submarines.

Currently, INL is occupied with research on next-gen nuclear plants, light water reactors, control systems cybersecurity, advanced vehicle testing, bioenergy, robotics, nuclear waste processing, and other studies.

Hacktivists claim attack on INL

On Monday, SiegedSec announced it had gained access to INL data, including details on “hundreds of thousands” of employees, system users, and citizens.

SiegedSec's announcement on hacking forums
SiegedSec’s announcement on hacking forums (BleepingComputer)

As the group has done in previous breaches on NATO and Atlassian, they openly leaked stolen data on hacker forums and a Telegram channel run by the group, not caring to negotiate with the victim or demand ransoms.

The data leaked by SiegedSec includes:

  • Full names
  • Dates of birth
  • Email addresses
  • Phone numbers
  • Social Security Numbers (SSN)
  • Physical addresses
  • Employment information

On Telegram, SiegedSec also posted alleged proof of the breach by sharing screenshots of tools used internally by INL for document access and announcement creation.

The attackers also showed the creation of a custom announcement on INL’s system to let everyone in the complex know about the breach.

Access to internal INL tools
Access to internal INL tools

INL has not published any statements on the incident yet. However, a spokesperson confirmed the breach to local media outlets, commenting that it is currently under investigation and that federal law enforcement is involved.

“Earlier this morning, Idaho National Laboratory determined that it was the target of a cybersecurity data breach, affecting the servers supporting its Oracle HCM system, which supports its Human Resources applications. INL has taken immediate action to protect employee data,” INL media spokesperson Lori McNamara told EastIdahoNews.com.

“INL has been in touch with federal law enforcement agencies, including the FBI and the Department of Homeland Security’s Cyber Security and Infrastructure Security Agency to investigate the extent of data impacted in this incident.”

Although SiegedSec has neither accessed nor disclosed any data on nuclear research, the incident will inevitably intensify law enforcement scrutiny of the hacktivist group, as INL is considered a vital part of U.S. critical infrastructure.

Source: https://www.bleepingcomputer.com/news/security/hacktivists-breach-us-nuclear-research-lab-steal-employee-data/

- Any text modified or added by CorruptionLedger is highlighted in blue.

- [...] These characters indicate content was shortened. This is used for removing unnecessary/flowery language. Example: The oppressive government imposed a curfew becomes: The [...] government imposed a curfew.