Article Details
Scrape Timestamp (UTC): 2023-11-21 21:21:55.628
Original Article Text
Click to Toggle View
Hacktivists breach U.S. nuclear research lab, steal employee data. The Idaho National Laboratory (INL) confirms they suffered a cyberattack after 'SiegedSec' hacktivists leaked stolen human resources data online. INL is a nuclear research center run by the U.S. Department of Energy that employs 5,700 specialists in atomic energy, integrated energy, and national security. The INL complex extends over an 890-square-mile (2,310 km2) area, encompassing 50 experimental nuclear reactors, including the first ones in history to produce usable amounts of electricity and the first power plant designed for nuclear submarines. Currently, INL is occupied with research on next-gen nuclear plants, light water reactors, control systems cybersecurity, advanced vehicle testing, bioenergy, robotics, nuclear waste processing, and other studies. Hacktivists claim attack on INL On Monday, SiegedSec announced it had gained access to INL data, including details on "hundreds of thousands" of employees, system users, and citizens. As the group has done in previous breaches on NATO and Atlassian, they openly leaked stolen data on hacker forums and a Telegram channel run by the group, not caring to negotiate with the victim or demand ransoms. The data leaked by SiegedSec includes: On Telegram, SiegedSec also posted alleged proof of the breach by sharing screenshots of tools used internally by INL for document access and announcement creation. The attackers also showed the creation of a custom announcement on INL's system to let everyone in the complex know about the breach. INL has not published any statements on the incident yet. However, a spokesperson confirmed the breach to local media outlets, commenting that it is currently under investigation and that federal law enforcement is involved. "Earlier this morning, Idaho National Laboratory determined that it was the target of a cybersecurity data breach, affecting the servers supporting its Oracle HCM system, which supports its Human Resources applications. INL has taken immediate action to protect employee data," INL media spokesperson Lori McNamara told EastIdahoNews.com. "INL has been in touch with federal law enforcement agencies, including the FBI and the Department of Homeland Security's Cyber Security and Infrastructure Security Agency to investigate the extent of data impacted in this incident." Although SiegedSec has neither accessed nor disclosed any data on nuclear research, the incident will inevitably intensify law enforcement scrutiny of the hacktivist group, as INL is considered a vital part of U.S. critical infrastructure.
Daily Brief Summary
The Idaho National Laboratory (INL), crucial for U.S. atomic energy and national security research, was targeted by a cyberattack from 'SiegedSec' hacktivist group.
SiegedSec claims to have accessed and leaked extensive human resources data, which includes information on a vast number of personnel and associates.
The leaked data were posted on hacker forums and Telegram, demonstrating SiegedSec's pattern of bypassing ransom negotiations in favor of public disclosure.
Screenshots disseminated by the hackers suggested they had infiltrated INL systems to an extent that allowed them to create internal announcements about the breach.
The INL spokesperson has confirmed the cyberattack without specifying details, stating that immediate measures were taken to safeguard affected data and federal law enforcement is investigating the incident.
The compromised server supported INL’s Oracle HCM system, used for Human Resources applications, but there is no indication that any nuclear research information was accessed or disclosed.
The attack on INL, a component of the U.S.'s critical infrastructure, is expected to result in increased attention and pursuit of SiegedSec by law enforcement agencies.