A top US nuclear energy testing facility has been hit by a serious cyberattack and data breach

News
By
published

Idaho National Laboratory was attacked by SiegedSec

Zero-day attack
(Image credit: Shutterstock) (Image credit: Shutterstock.com)

The Idaho National Laboratory (INL), a US government nuclear research center that works on the development, demonstration, and deployment of nuclear energy, has confirmed suffering a cyberattack and data theft.

Speaking to local media outlet East Idaho News, INL spokesperson Lori McNamara said the data breach affected servers “supporting its Oracle HCM system, which supports its Human Resources applications,” BleepingComputer reports. “INL has taken immediate action to protect employee data," McNamara added.

"INL has been in touch with federal law enforcement agencies, including the FBI and the Department of Homeland Security's Cyber Security and Infrastructure Security Agency to investigate the extent of data impacted in this incident."

Reader Offer: $50 Amazon gift card with demo

Reader Offer: $50 Amazon gift card with demo
Perimeter 81's Malware Protection intercepts threats at the delivery stage to prevent known malware, polymorphic attacks, zero-day exploits, and more. Let your people use the web freely without risking data and network security.

Preferred partner (What does this mean?

Announcing the breach

At the same time, hacktivists SiegedSec took responsibility for the attack, leaking the stolen data on its Telegram channel. Allegedly, the group is not interested in any ransom payment or anything of the sort. The data it published includes employee names, birth dates, email addresses, phone numbers, Social Security Numbers (SSN), postal addresses, and employment information on “hundreds of thousands” of people. Not only is this enough for identity theft or phishing attacks, this information can be used for wire fraud, too.

SiegedSec also posted screenshots of the tools INL allegedly uses in-house to access documents and create announcements. In fact, it created a custom announcement and notified all employees of the data breach.

The INL has more than 5,000 employees, including experts in atomic energy, integrated energy, and national security. 

As per BleepingComputer, INL currently works on next-gen nuclear plants, light water reactors, control systems cybersecurity, advanced vehicle testing, bioenergy, robotics, nuclear waste processing, and more.

We last heard of SiegedSec in February this year, when it leaked Atlassian workers’ sensitive data. In that incident, the group used stolen credentials to access Envoy, a third-party app that Atlassian uses for the coordination of in-office resources.

More from TechRadar Pro

Sead Fadilpašić

Sead is a seasoned freelance journalist based in Sarajevo, Bosnia and Herzegovina. He writes about IT (cloud, IoT, 5G, VPN) and cybersecurity (ransomware, data breaches, laws and regulations). In his career, spanning more than a decade, he’s written for numerous media outlets, including Al Jazeera Balkans. He’s also held several modules on content writing for Represent Communications.

Read more
An American flag flying outside the US Capitol building against a blue sky
US military and defense contractors hit with Infostealer malware
Hacker silhouette working on a laptop with North Korean flag on the background
North Korean Lazarus hackers are targeting nuclear workers
ransomware avast
Engineering giant ENGlobal confirms hackers hit internal data
An American flag flying outside the US Capitol building against a blue sky
More alleged Chinese intrusions into the US Treasury revealed
Code Skull
Ransomware attack forces US government contractor ENGlobal to shut down some operations
Security
American National Insurance Company breach data found online
Latest in Security
Web DDoS attacks see major surge as AI allows more powerful attacks
Polish space agency says it was hit by a cyberattack
Microsoft
Microsoft names cybercriminals who created explicit deepfakes
A laptop with a red screen with a white skull on it with the message: "RANSOMWARE. All your files are encrypted."
More reports claim 2024 was the worst year for ransomware attacks yet
Representational image of a cybercriminal
Microsoft discovers five potentially damaging attacks against its own software
Avast cybersecurity
Zapier tells customers their data may have been accessed
Latest in News
Web DDoS attacks see major surge as AI allows more powerful attacks
Pulchra Fellini in Zenless Zone Zero.
Zenless Zone Zero Version 1.6 will finally let you play as a furry gunslinger
Two hands holding the Tecno Spark Slim phone
The world’s thinnest phone was just revealed, but a new iPhone 17 Air leak suggests it could be even slimmer
Polish space agency says it was hit by a cyberattack
The new limited edition Ray-Ban Meta smart glasses show a translucent design.
Ray-Ban and Meta just teased new limited-edition smart glasses – but they'll be in frustratingly short supply
A MacBook Air on the left, showing the macOS lock screen, and the iPad Air in two sizes on the left, showing an abstract wallpaper
New MacBook Air launch expected imminently – all the latest news and rumors live
More about security

Web DDoS attacks see major surge as AI allows more powerful attacks

Polish space agency says it was hit by a cyberattack
Two hands holding the Tecno Spark Slim phone

The world’s thinnest phone was just revealed, but a new iPhone 17 Air leak suggests it could be even slimmer
See more latest
Most Popular
Two hands holding the Tecno Spark Slim phone
The world’s thinnest phone was just revealed, but a new iPhone 17 Air leak suggests it could be even slimmer
Google Pixel 9 Pro
Google Password Manager may be set to introduce a nuclear option for its Android app
Pulchra Fellini in Zenless Zone Zero.
Zenless Zone Zero Version 1.6 will finally let you play as a furry gunslinger
Web DDoS attacks see major surge as AI allows more powerful attacks
The new limited edition Ray-Ban Meta smart glasses show a translucent design.
Ray-Ban and Meta just teased new limited-edition smart glasses – but they'll be in frustratingly short supply
Polish space agency says it was hit by a cyberattack
OnePlus Watch 3
The OnePlus Watch 2 won't get Wear OS 5 until Q3 of this year, and the news for the OnePlus Watch 3 is even worse
A MacBook Air on the left, showing the macOS lock screen, and the iPad Air in two sizes on the left, showing an abstract wallpaper
New MacBook Air launch expected imminently – all the latest news and rumors live
PCI Express bus interface connector, x16, x8, x4, x1, on the computer motherboard
AMD warns its RX 9070 GPUs are strictly ‘UEFI-only’ – and if that sounds worrying, don’t panic, it probably doesn’t affect you
An Nvidia GeForce RTX 5070
Worried your Nvidia RTX 5080, 5090 or 5070 Ti isn't performing as well as it should? CPU-Z can now check your GPU for missing ROPs