Leading Nuclear Energy Testing Lab Suffers Major Data BreachHacktivists Leak Sensitive Employee Information From Idaho National Laboratory
Idaho National Laboratory, a nuclear energy testing lab employing an estimated 5,700 specialists, suffered a massive data breach on Sunday night when a hacking group leaked sensitive employee data online.
The U.S. Cybersecurity and Infrastructure Security Agency and the FBI began working with INL to investigate the incident shortly after the lab determined it had been the target of a data breach affecting its human resources applications, according to a spokesperson. Affected data includes Social Security numbers, bank account information and physical addresses.
The spokesperson told local news outlet EastIdahoNews.com that the breach had affected its Oracle HCM system, a cloud-based workforce management platform that provides payroll and other human resources solutions.
Self-proclaimed hacktivist group SiegedSec has since taken responsibility for the data breach and appeared to publish a sample of the stolen employee information online, providing the full names, birthdates, email addresses, phone numbers and other identifying information for INL employees on a data breach forum.
The group, which appears politically motivated, was also previously alleged to have stolen data from NATO's unclassified information-sharing platform, the Communities of Interest Cooperation Portal.
INL has not indicated that the breach affected any systems containing classified information or nuclear research, and CISA did not immediately respond to a request for comment.
Regardless of whether nuclear secrets were accessed, Colin Little, security engineer at the cybersecurity firm Centripetal, said it is "highly disconcerting that the staff generating that intellectual property and participating in the most advanced nuclear energy research and development have had their information leaked online."
"Now those who are politically motivated and would very much like to know the names and addresses of the top nuclear energy researchers in the U.S. have that data," he told Information Security Media Group.
INL supports large-scale programs for the Department of Energy, the National Nuclear Security Administration and the Department of Defense. The lab describes itself as "a world leader in securing critical infrastructure systems and improving the resiliency of vital national security and defense assets."