The Idaho National Laboratory (INL), a prominent nuclear research center operated by the U.S. Department of Energy, has confirmed falling victim to a cyberattack.
The Idaho National Laboratory (INL), a prominent nuclear research center operated by the U.S. Department of Energy, has confirmed falling victim to a cyberattack. The breach was announced by hacktivist group ‘SiegedSec,’ which subsequently leaked stolen human resources data online, affecting hundreds of thousands of employees, system users, and citizens associated with INL.
The INL complex, sprawling over an expansive 890-square-mile area, is engaged in critical research spanning atomic energy, integrated energy, and national security.
Boasting 50 experimental nuclear reactors, including historic ones producing usable electricity and designed for nuclear submarines, INL is at the forefront of next-gen nuclear plant research, control systems cybersecurity, advanced vehicle testing, bioenergy, robotics, and nuclear waste processing.
SiegedSec, known for previous breaches targeting NATO and Atlassian, openly disclosed its access to INL data, showcasing a brazen disregard for negotiation or ransom demands. The leaked information includes full names, dates of birth, email addresses, phone numbers, Social Security Numbers (SSN), physical addresses, and employment details of those affected.
On Telegram, the group even shared screenshots of internal tools used by INL for document access, along with evidence of a custom announcement created on INL’s system to notify personnel of the breach.
While INL has not issued an official statement on the incident, a spokesperson acknowledged the breach and assured ongoing investigations involving federal law enforcement agencies, including the FBI and the Department of Homeland Security’s Cyber Security and Infrastructure Security Agency.
Lori McNamara, the INL media spokesperson, stated, “INL has taken immediate action to protect employee data. Idaho National Laboratory has been in touch with federal law enforcement agencies to investigate the extent of data impacted in this incident.”
Although SiegedSec has not claimed access to or disclosure of any nuclear research data, the breach poses a heightened risk due to INL’s critical role in U.S. infrastructure. The incident underscores the growing threat landscape, prompting increased vigilance and cybersecurity measures across critical facilities.