Idaho National Laboratory had data from 45,047 former and current employees, spouses, and dependents compromised following a cyberattack last month, which has been claimed by the SiegedSec hacking operation, reports The Record, a news site by cybersecurity firm Recorded Future.
Many of the impacted individuals had their names, Social Security numbers, banking information, and salary details accessed by threat actors but only names and birthdates were exposed for some of the victims, according to INL, which emphasized that the breach did not affect its network and other databases.
"The event continues to be investigated by federal agencies including the Department of Energy, Federal Bureau of Investigation, and the Department of Homeland Security's Cybersecurity and Infrastructure Security Agency," said INL in breach notification letters sent to the affected individuals.
Such a disclosure comes after SiegedSec took responsibility for the intrusion, which it claims had been conducted through hacking an external cloud vendor system used by the facility for human resources services.
Get daily email updates
SC Media's daily must-read of the most current and pressing daily news