{"id":2076,"date":"2023-11-20T22:34:06","date_gmt":"2023-11-20T22:34:06","guid":{"rendered":"https:\/\/cyberscoop.com\/?p=78072"},"modified":"2023-11-20T22:34:06","modified_gmt":"2023-11-20T22:34:06","slug":"detailed-data-on-employees-of-u-s-national-security-lab-leak-online","status":"publish","type":"post","link":"https:\/\/ddi.mohflo.net\/index.php\/2023\/11\/20\/detailed-data-on-employees-of-u-s-national-security-lab-leak-online\/","title":{"rendered":"Detailed data on employees of U.S. national security lab leak online"},"content":{"rendered":"<p><head> <meta charset=\"UTF-8\"> <meta name=\"viewport\" content=\"width=device-width, initial-scale=1\"> <meta name=\"robots\" content=\"index, follow, max-image-preview:large, max-snippet:-1, max-video-preview:-1\"> <!-- This site is optimized with the Yoast SEO Premium plugin v20.5 (Yoast SEO v20.5) - https:\/\/yoast.com\/wordpress\/plugins\/seo\/ --> <title>Detailed data on employees of U.S. national security lab leak online | CyberScoop<\/title> <meta name=\"description\" content=\"The hacking group SiegedSed released personal data on thousands of employees at the Idaho National Laboratory, the nuclear research lab.\"> <link rel=\"canonical\" href=\"https:\/\/cyberscoop.com\/idaho-national-laboratory-siegedsec\/\"> <meta property=\"og:locale\" content=\"en_US\"> <meta property=\"og:type\" content=\"article\"> <meta property=\"og:title\" content=\"Detailed data on employees of U.S. national security lab leak online\"> <meta property=\"og:description\" content=\"The hacking group SiegedSed released personal data on thousands of employees at the Idaho National Laboratory, the nuclear research lab.\"> <meta property=\"og:url\" content=\"https:\/\/cyberscoop.com\/idaho-national-laboratory-siegedsec\/\"> <meta property=\"og:site_name\" content=\"CyberScoop\"> <meta property=\"article:published_time\" content=\"2023-11-20T22:34:06+00:00\"> <meta property=\"article:modified_time\" content=\"2023-11-20T22:49:15+00:00\"> <meta property=\"og:image\" content=\"https:\/\/ddi.mohflo.net\/wp-content\/uploads\/2023\/11\/detailed-data-on-employees-of-u-s-national-security-lab-leak-online-1.jpg\"> <meta property=\"og:image:width\" content=\"1920\"> <meta property=\"og:image:height\" content=\"1275\"> <meta property=\"og:image:type\" content=\"image\/jpeg\"> <meta name=\"author\" content=\"Christian Vasquez\"> <meta name=\"twitter:card\" content=\"summary_large_image\"> <meta name=\"twitter:creator\" content=\"@chrismvasq\"> <!-- \/ Yoast SEO Premium plugin. --> <link rel=\"dns-prefetch\" href=\"\/\/securepubads.g.doubleclick.net\">\n<link rel=\"dns-prefetch\" href=\"\/\/use.typekit.net\">\n<link rel=\"alternate\" type=\"application\/rss+xml\" title=\"CyberScoop \u00bb Feed\" href=\"https:\/\/cyberscoop.com\/feed\/\">\n<link rel=\"alternate\" type=\"application\/rss+xml\" title=\"CyberScoop \u00bb Comments Feed\" href=\"https:\/\/cyberscoop.com\/comments\/feed\/\"> <link rel=\"stylesheet\" id=\"all-css-2\" href=\"https:\/\/cyberscoop.com\/wp-includes\/css\/dist\/block-library\/style.min.css?m=1699561119g\" type=\"text\/css\" media=\"all\"> <link rel=\"stylesheet\" id=\"all-css-6\" href=\"https:\/\/cyberscoop.com\/wp-content\/mu-plugins\/search\/elasticpress-next\/dist\/css\/related-posts-block-styles.min.css?m=1698686983g\" type=\"text\/css\" media=\"all\"> <link rel=\"stylesheet\" id=\"all-css-8\" href=\"https:\/\/cyberscoop.com\/wp-content\/themes\/scoopnewsgroup\/dist\/css\/frontend.css?m=1698989400g\" type=\"text\/css\" media=\"all\">\n<link rel=\"stylesheet\" id=\"typekit-css\" href=\"https:\/\/use.typekit.net\/itk2qbh.css?ver=7dab012cdc88b5676610\" media=\"all\"> <link rel=\"https:\/\/api.w.org\/\" href=\"https:\/\/cyberscoop.com\/wp-json\/\"><link rel=\"alternate\" type=\"application\/json\" href=\"https:\/\/cyberscoop.com\/wp-json\/wp\/v2\/posts\/78072\"><link rel=\"EditURI\" type=\"application\/rsd+xml\" title=\"RSD\" href=\"https:\/\/cyberscoop.com\/xmlrpc.php?rsd\">\n<meta name=\"generator\" content=\"WordPress 6.4.1\">\n<link rel=\"shortlink\" href=\"https:\/\/cyberscoop.com\/?p=78072\">\n<link rel=\"alternate\" type=\"application\/json+oembed\" href=\"https:\/\/cyberscoop.com\/wp-json\/oembed\/1.0\/embed?url=https%3A%2F%2Fcyberscoop.com%2Fidaho-national-laboratory-siegedsec%2F\">\n<link rel=\"alternate\" type=\"text\/xml+oembed\" href=\"https:\/\/cyberscoop.com\/wp-json\/oembed\/1.0\/embed?url=https%3A%2F%2Fcyberscoop.com%2Fidaho-national-laboratory-siegedsec%2F&amp;format=xml\"> <!-- Google Tag Manager --> <!-- End Google Tag Manager --> <link rel=\"icon\" href=\"https:\/\/cyberscoop.com\/wp-content\/uploads\/sites\/3\/2023\/01\/cropped-cs_favicon-2.png?w=32\" sizes=\"32x32\">\n<link rel=\"icon\" href=\"https:\/\/cyberscoop.com\/wp-content\/uploads\/sites\/3\/2023\/01\/cropped-cs_favicon-2.png?w=192\" sizes=\"192x192\">\n<link rel=\"apple-touch-icon\" href=\"https:\/\/cyberscoop.com\/wp-content\/uploads\/sites\/3\/2023\/01\/cropped-cs_favicon-2.png?w=180\">\n<meta name=\"msapplication-TileImage\" content=\"https:\/\/cyberscoop.com\/wp-content\/uploads\/sites\/3\/2023\/01\/cropped-cs_favicon-2.png?w=270\"> <\/head><body class=\"post-template-default single single-post postid-78072 single-format-standard\" id=\"readabilityBody\"> <a href=\"https:\/\/cyberscoop.com\/idaho-national-laboratory-siegedsec\/#main\" class=\"skip-to-content-link visually-hidden-focusable\">Skip to main content<\/a> <\/p>\n<div class=\"ad ad--top ad--top-desktop\">\n<div class=\"ad__inner\"> <span class=\"screen-reader-text\">Advertisement<\/span> <\/div>\n<\/div>\n<p> <main id=\"main\" role=\"main\" tabindex=\"-1\"> <\/p>\n<div class=\"ad ad--top ad--top-mobile\">\n<div class=\"ad__inner\"> <span class=\"screen-reader-text\">Advertisement<\/span> <\/div>\n<\/div>\n<section id=\"stickybar\" class=\"stickybar stickybar--newsletter js-stickybar\" readability=\"0.82\"> <button class=\"stickybar__close js-stickybar-close\" aria-controls=\"stickybar\"> <svg class=\"icon icon--close\" width=\"21\" height=\"22\" viewBox=\"0 0 21 22\" fill=\"none\"><path d=\"m.822.518-.805.805L9.695 11 .017 20.678l.805.805 9.678-9.678 9.677 9.678.806-.805L11.305 11l9.678-9.677-.806-.805-9.677 9.677L.822.518Z\" fill=\"currentColor\" \/><\/svg> <span class=\"visually-hidden\">Close<\/span> <\/button> <\/section>\n<article class=\"single-article content\">\n<div class=\"single-article__container js-single-article-content\">\n<header class=\"single-article__header \" readability=\"25.030395136778\">\n<div class=\"single-article__header-content\" readability=\"30.761904761905\">\n<p> The hacking group SiegedSed released personal data on thousands of employees at the Idaho National Laboratory, the nuclear research lab. <\/p>\n<\/p><\/div>\n<div class=\"single-article__cover-wrap\">\n<figure class=\"single-article__cover\"> <img data-recalc-dims=\"1\" fetchpriority=\"high\" width=\"640\" height=\"425\" src=\"https:\/\/i0.wp.com\/ddi.mohflo.net\/wp-content\/uploads\/2023\/11\/detailed-data-on-employees-of-u-s-national-security-lab-leak-online.jpg?resize=640%2C425&#038;ssl=1\" class=\"single-article__cover-image wp-post-image\" alt=\"An aerial view of Idaho National Laboratory.\" decoding=\"async\" fetchpriority=\"high\" srcset=\"https:\/\/ddi.mohflo.net\/wp-content\/uploads\/2023\/11\/detailed-data-on-employees-of-u-s-national-security-lab-leak-online-1.jpg 1920w, https:\/\/ddi.mohflo.net\/wp-content\/uploads\/2023\/11\/detailed-data-on-employees-of-u-s-national-security-lab-leak-online-1.jpg?resize=300,199 300w, https:\/\/ddi.mohflo.net\/wp-content\/uploads\/2023\/11\/detailed-data-on-employees-of-u-s-national-security-lab-leak-online-1.jpg?resize=768,510 768w, https:\/\/ddi.mohflo.net\/wp-content\/uploads\/2023\/11\/detailed-data-on-employees-of-u-s-national-security-lab-leak-online-1.jpg?resize=1024,680 1024w, https:\/\/ddi.mohflo.net\/wp-content\/uploads\/2023\/11\/detailed-data-on-employees-of-u-s-national-security-lab-leak-online-1.jpg?resize=1536,1020 1536w, https:\/\/ddi.mohflo.net\/wp-content\/uploads\/2023\/11\/detailed-data-on-employees-of-u-s-national-security-lab-leak-online-1.jpg?resize=600,398 600w, https:\/\/ddi.mohflo.net\/wp-content\/uploads\/2023\/11\/detailed-data-on-employees-of-u-s-national-security-lab-leak-online-1.jpg?resize=253,168 253w, https:\/\/ddi.mohflo.net\/wp-content\/uploads\/2023\/11\/detailed-data-on-employees-of-u-s-national-security-lab-leak-online-1.jpg?resize=507,337 507w, https:\/\/ddi.mohflo.net\/wp-content\/uploads\/2023\/11\/detailed-data-on-employees-of-u-s-national-security-lab-leak-online-1.jpg?resize=1016,675 1016w, https:\/\/ddi.mohflo.net\/wp-content\/uploads\/2023\/11\/detailed-data-on-employees-of-u-s-national-security-lab-leak-online-1.jpg?resize=1269,843 1269w\" sizes=\"(max-width: 1016px) 100vw, 1016px\"><figcaption> An aerial view of Idaho National Laboratory. (Photo by Sam Beebe via Flickr) <\/figcaption><\/figure>\n<\/p><\/div>\n<\/header>\n<div class=\"single-article__content\">\n<div class=\"single-article__content-inner has-drop-cap\"> <html readability=\"48.557142857143\"><body readability=\"100.33113746157\"><\/p>\n<p>A cybercrime group that has engaged in politically motivated attacks breached a human resources application belonging to Idaho National Laboratory, claiming in a post to Telegram on Sunday that it had obtained detailed information on employees working at the nuclear research lab.<\/p>\n<p>The hacking group <a href=\"https:\/\/cyberscoop.com\/tag\/siegedsec\/\">SiegedSec<\/a> said it had accessed \u201chundreds of thousands of user, employee, and citizen data,\u201d including full names, social security numbers, bank account information, and addresses. The group posted a sample of the leaked data, but CyberScoop could not confirm whether SiegedSec is in possession of the much larger data set it claims to have stolen. <\/p>\n<p>An INL spokesperson, Lori McNamara, confirmed that the breach had taken place but said the lab is still investigating the extent. \u201cEarlier this morning, Idaho National Laboratory determined that it was the target of a cybersecurity data breach, affecting the servers supporting its Oracle HCM system, which supports its Human Resources applications. INL has taken immediate action to protect employee data,\u201d McNamara said.<\/p>\n<p>The group has not said why it targeted INL, but the breach presents serious national security concerns. The scientists at INL work on some of the United States\u2019 most sensitive national security programs, including protecting critical infrastructure like the U.S. power grid from cyber and physical attacks. Personal data such as detailed employee and banking information would represent a treasure trove for foreign intelligence agencies looking to penetrate the lab. <\/p>\n<div class=\"ad ad--inline_1 \">\n<div class=\"ad__inner\"> <span class=\"screen-reader-text\">Advertisement<\/span> <\/div>\n<\/div>\n<p>INL has been in touch with the FBI and the Cybersecurity and Infrastructure Security Agency to investigate the extent of the impact, the spokesperson said. The FBI and Oracle did not respond to request for comment before publication. CISA referred a request for comment to INL.<\/p>\n<p>Idaho National Laboratory operates under the Department of Energy and is one of 17 labs that serve as the United States\u2019s research and development test beds. INL is the premier lab for nuclear energy, but also focuses on energy security, reliability and other national security issues, such as cybersecurity.<\/p>\n<p>A sample of the leaked information viewed by CyberScoop includes social security numbers, health care information, bank account and routing numbers, types of accounts, and marital status, among other things. One file includes a detailed list of recent terminations and a brief reason for the termination. Another file that shows active employees\u2019 social security numbers includes more than 6000 lines. As of October 2022, INL said it had around <a href=\"https:\/\/inlcareers.inl.gov\/Demographics\">5,500 employees<\/a> .<\/p>\n<p>Another file containing detailed employee data has just over 58,000 lines of data that span current, retired and former employees.<\/p>\n<p>The date of some of the information in the files posted by SiegedSec show updates as recent as October 31, 2023. Some of the screenshots show additional categories of information beyond what was included in the sample, indicating that there may be more data pilfered than can be determined from the sample.<\/p>\n<div class=\"ad ad--inline_1 \">\n<div class=\"ad__inner\"> <span class=\"screen-reader-text\">Advertisement<\/span> <\/div>\n<\/div>\n<p>It\u2019s unclear how SiegedSec infiltrated the HR application or how the group was able to exfiltrate such a large quantity of data across a wide variety of personal identifiable information.<\/p>\n<p>Oracle describes the Human Capital Management product that was targeted as a \u201ccomplete cloud solution that connects every human resource process \u2014 and every person \u2014 across your enterprise.\u201d<\/p>\n<p>This is not the first time the national laboratories have been targeted by hackers. U.S. national laboratories work on everything from nuclear weapons to renewable technologies \u2014 and everything in between \u2014 and have been the target of multiple state-backed hacking operations. Earlier this year, Russian hackers targeted the Brookhaven, Argonne, and Lawrence Livermore National Laboratories, <a href=\"https:\/\/www.reuters.com\/world\/europe\/russian-hackers-targeted-us-nuclear-scientists-2023-01-06\/\">Reuters reported<\/a>.<\/p>\n<p>SiegedSec, the group that has claimed responsibility for the breach, has a history of carrying out politically motivated cyberattacks, including claims of breaching of NATO systems. The group mostly recently targeted NATO in October, when it <a href=\"http:\/\/cyberscoop.com\/nato-siegedsec-breac\/\">alleged to have stolen roughly 3,000 documents<\/a>. <\/p>\n<p>The group has previously claimed that they are less interested in hacktivist-type attacks and instead consider themselves \u201cmore blackhat than activists,\u201d as the <a href=\"https:\/\/cyberscoop.com\/siegedsec-hack-transition-bans-satellite-systems\/\">group previously told CyberScoop<\/a>. They have previously carried out attacks against U.S. states that limit access to gender-affirming healthcare and abortion. More recently, the group has claimed to attack Israeli infrastructure. <\/p>\n<p><\/body> <\/p>\n<footer class=\"single-article__footer\">\n<div class=\"single-article__tags-container\">\n<h4 class=\"single-article__tags-title\">In This Story<\/h4>\n<\/p><\/div>\n<\/footer>\n<p> <\/html><\/div>\n<\/p><\/div>\n<\/p><\/div>\n<div class=\"single-article__ads js-single-article-sidebar\">\n<div class=\"ad ad--sidebar js-single-article-sidebar-5 ad--rightrail_1 \">\n<div class=\"ad__inner\"> <span class=\"screen-reader-text\">Advertisement<\/span> <\/div>\n<\/div>\n<div class=\"ad ad--sidebar js-single-article-sidebar-4 ad--rightrail_2 \">\n<div class=\"ad__inner\"> <span class=\"screen-reader-text\">Advertisement<\/span> <\/div>\n<\/div>\n<div class=\"ad ad--sidebar js-single-article-sidebar-3 ad--rightrail_3 \">\n<div class=\"ad__inner\"> <span class=\"screen-reader-text\">Advertisement<\/span> <\/div>\n<\/div><\/div>\n<\/article>\n<div class=\"popular-stories popular-stories--single-post\">\n<div class=\"popular-stories__container\">\n<h2 class=\"popular-stories__title\"> More Scoops <\/h2>\n<p> <!-- .popular-stories__stories --> <\/div>\n<p><!-- .popular-stories__inner -->\n<\/div>\n<p><!-- .popular-stories --> <\/p>\n<section class=\"latest-podcasts\">\n<h2 class=\"latest-podcasts__title\"> Latest Podcasts\t<\/h2>\n<\/section>\n<div class=\"top-categories\">\n<div class=\"top-categories__container\">\n<h3 class=\"top-categories__category-title\">Technology<\/h3>\n<\/p><\/div>\n<div class=\"top-categories__container\">\n<h3 class=\"top-categories__category-title\">Government<\/h3>\n<\/p><\/div>\n<\/p><\/div>\n<p> <\/main> <\/p>\n<div class=\"ad ad--bottom \">\n<div class=\"ad__inner\"> <span class=\"screen-reader-text\">Advertisement<\/span> <\/div>\n<\/div>\n<div id=\"interstitial\" class=\"welcome__container\"> <button id=\"close-modal-1\" class=\"welcome__clickable_area\"><\/button> <\/p>\n<div class=\"welcome__ad_wrapper\">\n<p> <button id=\"close-modal-3\" class=\"welcome__continue-button\">Continue to CyberScoop<\/button> <\/p>\n<\/p><\/div>\n<\/p><\/div>\n<p> <!-- Start of HubSpot Embed Code --> <!-- End of HubSpot Embed Code --> <\/body> <a href=\"https:\/\/cyberscoop.com\/idaho-national-laboratory-siegedsec\/\">Source<\/a><\/p>\n","protected":false},"excerpt":{"rendered":"<p>Detailed data on employees of U.S. national security lab leak<\/p>\n","protected":false},"author":11,"featured_media":0,"comment_status":"closed","ping_status":"closed","sticky":false,"template":"","format":"standard","meta":{"_jetpack_memberships_contains_paid_content":false,"footnotes":""},"categories":[452,453,293,1210,568,288],"tags":[454,455,299,1211,571,294],"class_list":["post-2076","post","type-post","status-publish","format-standard","hentry","category-cybersecurity-and-infrastructure-security-agency-cisa","category-department-of-energy-doe","category-department-of-homeland-security-dhs","category-idaho-national-laboratory","category-siegedsec","category-threats","tag-cybersecurity-and-infrastructure-security-agency-cisa","tag-department-of-energy-doe","tag-department-of-homeland-security-dhs","tag-idaho-national-laboratory","tag-siegedsec","tag-threats"],"featured_image_urls":{"full":"","thumbnail":"","medium":"","medium_large":"","large":"","1536x1536":"","2048x2048":"","chromenews-featured":"","chromenews-large":"","chromenews-medium":""},"author_info":{"display_name":"Cyber Scoop","author_link":"https:\/\/ddi.mohflo.net\/index.php\/author\/cyberscoop\/"},"category_info":"<a href=\"https:\/\/ddi.mohflo.net\/index.php\/category\/cybersecurity-and-infrastructure-security-agency-cisa\/\" rel=\"category tag\">Cybersecurity and Infrastructure Security Agency (CISA)<\/a> <a href=\"https:\/\/ddi.mohflo.net\/index.php\/category\/department-of-energy-doe\/\" rel=\"category tag\">Department of Energy (DOE)<\/a> <a href=\"https:\/\/ddi.mohflo.net\/index.php\/category\/department-of-homeland-security-dhs\/\" rel=\"category tag\">Department of Homeland Security (DHS)<\/a> <a href=\"https:\/\/ddi.mohflo.net\/index.php\/category\/idaho-national-laboratory\/\" rel=\"category tag\">Idaho National Laboratory<\/a> <a href=\"https:\/\/ddi.mohflo.net\/index.php\/category\/siegedsec\/\" rel=\"category tag\">SiegedSec<\/a> <a href=\"https:\/\/ddi.mohflo.net\/index.php\/category\/threats\/\" rel=\"category tag\">Threats<\/a>","tag_info":"Threats","comment_count":"0","jetpack_featured_media_url":"","jetpack_sharing_enabled":true,"_links":{"self":[{"href":"https:\/\/ddi.mohflo.net\/index.php\/wp-json\/wp\/v2\/posts\/2076","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/ddi.mohflo.net\/index.php\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/ddi.mohflo.net\/index.php\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/ddi.mohflo.net\/index.php\/wp-json\/wp\/v2\/users\/11"}],"replies":[{"embeddable":true,"href":"https:\/\/ddi.mohflo.net\/index.php\/wp-json\/wp\/v2\/comments?post=2076"}],"version-history":[{"count":0,"href":"https:\/\/ddi.mohflo.net\/index.php\/wp-json\/wp\/v2\/posts\/2076\/revisions"}],"wp:attachment":[{"href":"https:\/\/ddi.mohflo.net\/index.php\/wp-json\/wp\/v2\/media?parent=2076"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/ddi.mohflo.net\/index.php\/wp-json\/wp\/v2\/categories?post=2076"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/ddi.mohflo.net\/index.php\/wp-json\/wp\/v2\/tags?post=2076"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}