nuclear-news

Hacktivists breach U.S. nuclear research lab, steal employee data.

Bleeping Computer, By Bill Toulas, 21 Nov 23

The Idaho National Laboratory (INL) confirms they suffered a cyberattack after ‘SiegedSec’ hacktivists leaked stolen human resources data online.

INL is a nuclear research center run by the U.S. Department of Energy that employs 5,700 specialists in atomic energy, integrated energy, and national security.

The INL complex extends over an 890-square-mile (2,310 km2) area, encompassing 50 experimental nuclear reactors, including the first ones in history to produce usable amounts of electricity and the first power plant designed for nuclear submarines.

Currently, INL is occupied with research on next-gen nuclear plants, light water reactors, control systems cybersecurity, advanced vehicle testing, bioenergy, robotics, nuclear waste processing, and other studies.

Hacktivists claim attack on INL

On Monday, SiegedSec announced it had gained access to INL data, including details on “hundreds of thousands” of employees, system users, and citizens.

As the group has done in previous breaches on NATO and Atlassian, they openly leaked stolen data on hacker forums and a Telegram channel run by the group, not caring to negotiate with the victim or demand ransoms.

The data leaked by SiegedSec includes:

• Full names
• Dates of birth
• Email addresses
• Phone numbers
• Social Security Numbers (SSN)
• Physical addresses
• Employment information

As the group has done in previous breaches on NATO and Atlassian, they openly leaked stolen data on hacker forums and a Telegram channel run by the group, not caring to negotiate with the victim or demand ransoms.

The data leaked by SiegedSec includes

As the group has done in previous breaches on NATO and Atlassian, they openly leaked stolen data on hacker forums and a Telegram channel run by the group, not caring to negotiate with the victim or demand ransoms.

The data leaked by SiegedSec includes:

• Full names
• Dates of birth
• Email addresses
• Phone numbers
• Social Security Numbers (SSN)
• Physical addresses
• Employment information

On Telegram, SiegedSec also posted alleged proof of the breach by sharing screenshots of tools used internally by INL for document access and announcement creation.

The attackers also showed the creation of a custom announcement on INL’s system to let everyone in the complex know about the breach………………………………….

Although SiegedSec has neither accessed nor disclosed any data on nuclear research, the incident will inevitably intensify law enforcement scrutiny of the hacktivist group, as INL is considered a vital part of U.S. critical infrastructure.  https://www.bleepingcomputer.com/news/security/hacktivists-breach-us-nuclear-research-lab-steal-employee-data/

November 27, 2023 - Posted by Christina Macpherson | incidents, USA