The Idaho National Laboratory, part of the U.S. Department of Energy and one of the country’s foremost advanced nuclear energy testing labs, has suffered a breach that released the details of employees online.

A hacking group called SiegeSec took responsibility for the breach, which occurred Sunday night. In a statement to local media, INL media spokesperson Lori McNamara described the attack as a “cybersecurity data breach” that affected the servers supporting the lab’s Oracle HCM system used for human resources applications. Law enforcement agencies, including the Federal Bureau of Investigation and the Cyber Security and Infrastructure Agency, have been informed.

According to a message shared on its Telegram group and subsequently on X, SiegedSec claimed that it obtained “hundreds of thousands of user, employee and citizen data”  in the hack, including full names, dates of birth, email addresses, phone numbers, Social Security numbers, address, employment information and “lots lots more!” The group is also sharing a link to the files.

SeigeSec first appeared on the scene just before Russia’s invasion of Ukraine in February 2022 under the leadership of a hacktivist known as “YourAnonWolf,” according to a profile of the group from SOCRadar. The group self-identifies as “gay furry hackers” and is known for its comical slogans and vulgar language. Its members are believed to range in age from 18 to 26.

The group has not flown under the radar. The North Atlantic Treaty Organization announced in October it was investigating reports that SeigeSec had breached its systems and leaked unclassified documents online. Though primarily targeting government organizations, the group has also aimed at other companies and organizations. The group appears to do it for the love of hacking versus any strong political affiliation, seemingly happy to hack U.S. and Russian targets alike.

There’s no suggestion that nuclear secrets were stolen in the attack of INL, but it’s nonetheless concerning that one of the most important government laboratories in the U.S. was hacked at all.

Although the methodology used to gain access has not been disclosed, John Gunn, chief executive of authentication company Tokenize Inc., told SiliconANGLE that “90% of data breaches start with a successful phishing attack, yet most organizations are using 20-year-old legacy multifactor authentication technology as their primary means of securing access.”

“So many headlines and so many breached companies and all from the same vulnerability — people falling victim to sophisticated phishing attacks — and it will only get worse as cybercriminals expand their use of artificial intelligence,” Gunn added.

Photo: Department of Energy