Idaho National Laboratory Data Breach: What & How It Happened?

Twingate Team

Jun 20, 2024

In November 2023, Idaho National Laboratory (INL) suffered a significant data breach affecting its employees. The breach involved unauthorized access to a critical human resources system, leading to the exposure of sensitive information. A hacktivist group claimed responsibility, sharing evidence of the stolen data and internal tools. The laboratory is working with multiple federal agencies and other national labs to investigate and address the incident.

How many accounts were compromised?

The data breach impacted 45,047 individuals.

What data was leaked?

The data exposed in the breach included names, Social Security numbers, salary information, banking details, dates of birth, email addresses, phone numbers, physical addresses, marital status, and employment information.

How was Idaho National Laboratory hacked?

The breach occurred offsite on a federally approved cloud-based system supported by a subcontractor, where the threat actor SiegedSec accessed the test environment. Although the specific methods used in this breach remain unclear, the group typically employs SQL injection and cross-site scripting (XSS) attacks. INL's own network was not breached in the incident.

Idaho National Laboratory's solution

In response to the hacking incident, Idaho National Laboratory took immediate action to protect employee data and contracted with Experian to provide no-cost credit monitoring, identity theft, and identity restoration services for all impacted individuals. INL is also collaborating with the Department of Energy, the Federal Bureau of Investigation, the Department of Homeland Security's Cybersecurity and Infrastructure Security Agency, and other national labs to investigate the breach and understand its scope. While specific enhanced security measures remain unclear, it is worth noting that INL has an unparalleled team of cybersecurity experts to monitor, train, and research the security of their systems.

How do I know if I was affected?

Idaho National Laboratory has notified individuals believed to be affected by the breach. If you are a current or former employee of Battelle Energy Alliance or an Idaho Cleanup Project employee and have not received a notification, you may visit Have I Been Pwned to check your credentials.

What should affected users do?

In general, affected users should:

  • Change Your Passwords: Immediately update your passwords for all affected accounts. Make sure the new passwords are strong and unique, not previously used on any other platform.

  • Reset Passwords for Other Accounts: If you've used the same or similar passwords for other online accounts, reset those as well. This is crucial as attackers often try using stolen passwords on multiple sites.

  • Enable Two-Factor Authentication (2FA): Activate 2FA on all important online accounts to significantly reduce the risk of unauthorized access.

  • Monitor Your Accounts: Keep an eye on your financial and personal accounts for any suspicious activity, and report any irregularities to the appropriate institutions.

For more specific help and instructions related to Idaho National Laboratory's data breach, please contact Idaho National Laboratory's support directly.

Where can I go to learn more?

If you want to find more information on the Idaho National Laboratory data breach, check out the following news articles:
