According to local media, the lab has acknowledged a cyber attack resulting from a cybersecurity incident at a federally approved external vendor system.
The Idaho National Laboratory (INL) has been hacked by a group calling itself Sieged Security (aka SiegedSec). INL, a leading US nuclear research facility, confirmed the breach on Tuesday.
The INL explained that on 20 November, a cybersecurity data breach occurred in a federally approved external vendor system, which the lab uses to support INL cloud Human Resources services.
The group, self-identifying as ‘gay furry hackers,’ publicly claimed responsibility for the breach by posting a statement on Telegram and the infamous Breach Forums.
“We’re willing to make a deal with INL. If they research creating IRL catgirls, we will take down this post,” their Telegram post read.
However, it is currently unclear what motivated this attack or what persuaded SiegedSec to believe the INL has the expertise to create catgirls. In July 2023, SiegedSec, the same group that has now claimed responsibility for breaching the Idaho National Laboratory, also asserted its involvement in targeting NATO, leading to the leak of sensitive details. Additionally, in October 2023, the group was involved in cyberattacks against Israeli Critical Industrial Control Systems (ICS).
Nevertheless, the hackers claim to have obtained a significant amount of employee data, including addresses, Social Security numbers, birth dates, employment information, and phone numbers.
“We’ve accessed hundreds of thousands of user, employee and citizen data..” the hackers added. They also claim to have sent an “announcement” to all INL’s OTBI platform users to prove their access. East Idaho News has confirmed the data’s authenticity after contacting INL employees.
Hackread.com has also conducted an analysis of the leaked data. In total, the leaked database is 207 MB with 43,850 email addresses, predominantly hosted on domains such as @INL.GOV, @ICP.DOE.GOV, and a few on @GMAIL.
The Idaho Falls-based INL has played a pivotal role in developing nuclear energy, and this breach is definitely a big blow to the organization. Currently, it is investigating the incident and the extent of the damage in collaboration with the Department of Homeland Security and the FBI.
In a comment to Hackread.com, Colin Little, Security Engineer at Centripetal, said, “Although media surrounding this event claims that no nuclear secrets, intellectual property or R&D information was accessed or stolen, which is fortunate, it is nonetheless highly disconcerting that the staff generating that intellectual property and participating in the most advanced Nuclear Energy R&D have had their information leaked online.”
“There appears to be some controversy about whether the threat actor group who stole the data is at all politically motivated; I find this question to be irrelevant because now those who are politically motivated and would very much like to know the names and addresses of the top Nuclear Energy researchers in the US have that data as well,” Colin argued.
SiegedSec’s demands have been met with disbelief by many. Still, the group maintains that its actions aren’t motivated by a grudge against the organization, and that it is just interested in knowing if creating real-life catgirls is possible.
The incident highlights the growing sophistication of cyber threats and the importance of organizations taking steps to protect their data. The release of sensitive employee data poses a serious security risk for the INL and its employees.
Meanwhile, Hackread.com can confirm that the leaked data is now being shared on several underground hacking forums, including Russian-language ones.