Cybercrime , Fraud Management & Cybercrime

Leading Nuclear Energy Testing Lab Suffers Major Data Breach

Hacktivists Leak Sensitive Employee Information From Idaho National Laboratory
Leading Nuclear Energy Testing Lab Suffers Major Data Breach
The self-proclaimed hacktivist group SiegedSec targeted the Idaho National Laboratory. (Image: Shutterstock)

Idaho National Laboratory, a nuclear energy testing lab employing an estimated 5,700 specialists, suffered a massive data breach on Sunday night when a hacking group leaked sensitive employee data online.

See Also: How to Build Your Cyber Recovery Playbook

The U.S. Cybersecurity and Infrastructure Security Agency and the FBI began working with INL to investigate the incident shortly after the lab determined it had been the target of a data breach affecting its human resources applications, according to a spokesperson. Affected data includes Social Security numbers, bank account information and physical addresses.

The spokesperson told local news outlet that the breach had affected its Oracle HCM system, a cloud-based workforce management platform that provides payroll and other human resources solutions.

Self-proclaimed hacktivist group SiegedSec has since taken responsibility for the data breach and appeared to publish a sample of the stolen employee information online, providing the full names, birthdates, email addresses, phone numbers and other identifying information for INL employees on a data breach forum.

The group, which appears politically motivated, was also previously alleged to have stolen data from NATO's unclassified information-sharing platform, the Communities of Interest Cooperation Portal.

INL has not indicated that the breach affected any systems containing classified information or nuclear research, and CISA did not immediately respond to a request for comment.

Regardless of whether nuclear secrets were accessed, Colin Little, security engineer at the cybersecurity firm Centripetal, said it is "highly disconcerting that the staff generating that intellectual property and participating in the most advanced nuclear energy research and development have had their information leaked online."

"Now those who are politically motivated and would very much like to know the names and addresses of the top nuclear energy researchers in the U.S. have that data," he told Information Security Media Group.

INL supports large-scale programs for the Department of Energy, the National Nuclear Security Administration and the Department of Defense. The lab describes itself as "a world leader in securing critical infrastructure systems and improving the resiliency of vital national security and defense assets."

About the Author

Chris Riotta

Chris Riotta

Managing Editor, GovInfoSecurity

Riotta is a journalist based in Washington, D.C. He earned his master's degree from the Columbia University Graduate School of Journalism, where he served as 2021 class president. His reporting has appeared in NBC News, Nextgov/FCW, Newsweek Magazine, The Independent and more.

Around the Network

Our website uses cookies. Cookies enable us to provide the best experience possible and help us understand how visitors use our website. By browsing, you agree to our use of cookies.