Employee data hit in Idaho National Lab cyberattack

The Energy Innovation Lab at Idaho National Laboratory

The Energy Innovation Lab at Idaho National Laboratory Photo courtesy: INL

The lab confirmed that it has been in touch with federal law enforcement agencies concerning the attack on its servers.

The Idaho National Laboratory suffered a widespread data breach on November 20, highlighting the ongoing digital dangers organizations continue to face as the Biden administration ramps up its cybersecurity awareness campaigns. 

Officials from the laboratory confirmed to Nextgov/FCW that its digital network was targeted by a cyberattack on Monday. The attack affected servers that support the Human Resources department within the lab that use Oracle software.The impacted data included employee information. 

“INL has taken immediate action to protect employee data,” Lorie McNamara, a media spokesperson at the lab, said. “INL has been in touch with federal law enforcement agencies, including the FBI and the Department of Homeland Security’s Cyber Security and Infrastructure Security Agency to investigate the extent of data impacted in this incident.”

A hacker group called SiegedSec has publicly claimed responsibility for the hack. INL declined to confirm who was responsible.

The Idaho National Laboratory, part of the system of nationwide labs run by the U.S. Department of Energy, is widely known for its research in nuclear energy sciences. In recent years, its research portfolio has also included crafting electric vehicle batteries and working with bioenergy and geothermal energy. 

In 2011, the Oak Ridge National Laboratory in Tennessee, another government laboratory, also suffered a major cyberattack spurred by phishing email techniques.