Hacktivists Breach U.S. Nuclear Research Lab, Steal Employee Data

Cyber Security Threat Summary:
The Idaho National Laboratory (INL) announced this week that they suffered a cyberattack after SiegedSec hacktivists leaked stolen human resources data online. INL is a nuclear research center run by the U.S. Department of Energy that employs 5,700 specialists in atomic energy, integrated energy, and national security. The INL complex manages 50 experimental nuclear reactors, including some of the first plants in history to produce usable amounts of electricity, and the first to power nuclear submarines.

INL produces research on next generation nuclear plants, light water reactors, control systems cybersecurity, advanced vehicle testing, bioenergy, robotics, nuclear waste processing, among other research.

Security Officer Comments:
This Monday, SiegedSec announced it had gained access to INL data, which includes hundreds of thousands of records of employees, system users, and citizens. The group openly leaked the stolen data on hacker forums and Telegram channels run by the group. The motive for the attack is unclear as the group does not negotiate with victims or demand ransoms. On Telegram, SiegedSec also posted alleged proof of the breach by sharing screenshots of tools used internally by INL for document access and announcement creation. The attackers also showed the creation of a custom announcement on INL's system to let everyone in the complex know about the breach. The data leaked by SiegedSec includes:

  • Full names
  • Dates of birth
  • Email addresses
  • Phone numbers
  • Social Security Numbers (SSN)
  • Physical addresses
  • Employment information
Suggested Correction(s):
While the INL has not released full details of that attack, they did confirm the breach to local media outlets, and said they are working with federal law enforcement. "INL has been in touch with federal law enforcement agencies, including the FBI and the Department of Homeland Security's Cyber Security and Infrastructure Security Agency to investigate the extent of data impacted in this incident."

“Although SiegedSec has neither accessed nor disclosed any data on nuclear research, the incident will inevitably intensify law enforcement scrutiny of the hacktivist group, as INL is considered a vital part of U.S. critical infrastructure” (Bleeping Computer, 2023).