In the previous month, the Idaho National Laboratory (INL) encountered a security breach on its cloud-based Oracle HCM HR management platform. Consequently, the attackers managed to pilfer the personal data of more than 45,000 individuals.
INL is a prestigious national laboratory that is part of the U.S. Department of Energy (DOE), along with 16 other laboratories. The organization employs a total of 6,100 personnel, including both researchers and support staff, who are dedicated to conducting vital research in the fields of national security and nuclear studies.
On November 20, it publicly recognized a “cybersecurity data breach” that had impacted its off-site Oracle HCM system the day before. The repercussions of the situation are being examined by CISA and FBI as part of an ongoing coordinated investigation.
The breach notification letters filed with the Maine Attorney General’s Office this week indicate that the research laboratory has reported the successful extraction of data belonging to 45,047 individuals. These individuals include both current and former employees (including postdocs, graduate fellows, and interns), as well as their dependents and spouses. The situation did not affect staff who were hired after June 1, 2023.
The laboratory is presently analyzing the full consequences of the occurrence. It has been verified that numerous categories of extremely sensitive personally identifiable information (PII) were breached, including people’ names, social security numbers, income particulars, and banking data.
“The event did not impact INL’s internal network, as well as any external networks or databases used by employees, laboratory clients, or other contractors.” The hack specifically impacted the Oracle HCM test environment that is hosted off-site in the cloud.The statement was issued by the Idaho National Laboratory (INL).
“A prominent hacking entity has asserted accountability via social media; nevertheless, a thorough investigation is required to authenticate this information.”
Although the INL has not formally attributed the attack to a specific entity, the hacktivist group SiegedSec has openly admitted to being responsible for the attack on November 20. In addition, they have disclosed pilfered human resources data on a hacking forum.