Recent Cybersecurity Incident at Idaho National Laboratory
Just last month, the Idaho National Laboratory (INL) confirmed a cybersecurity breach in which attackers stole the personal information of over 45,000 individuals. The attack targeted INL’s cloud-based Oracle HCM HR management platform. As one of the 17 U.S. Department of Energy’s (DOE’s) national laboratories, INL employs 6,100 researchers and support staff involved in national security and nuclear research.
Investigation into the Data Breach
On November 20th, INL confirmed the “cybersecurity data breach” that impacted its off-site Oracle HCM system. The Cybersecurity and Infrastructure Security Agency (CISA) and the Federal Bureau of Investigations (FBI) are currently looking into the breach’s impact as part of an ongoing joint investigation.
According to breach notification letters filed with the Maine Attorney General’s Office this week, the attackers exfiltrated the data of 45,047 current and former employees (including postdocs, graduate fellows, and interns), as well as their dependents and spouses. The breach did not affect employees hired after June 1, 2023.
Types of Compromised Data
INL is still investigating the full impact of the incident, but it has been confirmed that multiple forms of sensitive personally identifiable information (PII) were affected. This includes names, social security numbers, salary information, and banking details.
In a statement, INL said, “The event did not impact INL’s own network, or other networks or databases used by employees, lab customers, or other contractors. The breach only impacted the cloud-based Oracle HCM test environment that resides off-site.”
While INL has not attributed the attack to a specific group, a well-known hacking organization has claimed responsibility via social media. However, a full investigation must be completed to confirm this information.
The Hackers’ Claims
The hacktivist group SiegedSec claimed the attack on November 20th and leaked stolen human resources data on a hacking forum. SiegedSec has made no attempt to negotiate or demand a ransom from INL, directly publishing the data online instead.
The group provided evidence of their access to INL’s systems by sharing a custom announcement they made using INL’s system to notify everyone on the campus, along with screenshots of internal INL tools.
SiegedSec claims the data they leaked online includes a wide range of sensitive information, such as affected individuals’ full names, dates of birth, email addresses, phone numbers, Social Security Numbers (SSN), physical addresses, and employment information.
Don’t Let Your Business Become the Next Target
As a U.S. business owner, this recent cybersecurity incident at INL should serve as a wake-up call. The risk of cyberattacks is real, and the consequences can be devastating. Don’t wait until it’s too late – protect your company and your employees’ sensitive information now.
At ZZ Servers, we understand the importance of cybersecurity and are here to help. Our team of experts can assess your current security measures, recommend the best solutions to protect your business, and implement them effectively. Contact us today to learn how we can assist you in safeguarding your company from cyber threats.
