INL Investigating Data Exploitation Incident Affecting Oracle HR Management System

Idaho National Laboratory officials are investigating a cyber intrusion that allowed hackers to exploit the lab’s data.

According to INL spokesperson Lori McNamara, the hackers executed a data breach on Nov. 20 aimed at the lab’s servers supporting the Oracle Human Capital Management System. On Sunday, the SiegedSec hacking group claimed responsibility for the attack, stating that it stole and leaked employee records and Social Security numbers. The hacktivist group also shared screenshots proving the data breach.

McNamara said the lab contacted the FBI, the Cybersecurity and Infrastructure Security Agency and other relevant organizations to help with its investigation. The INL has advised employees to follow best cybersecurity practices to prevent further damages, The Record reported.

Hackers have been actively infiltrating U.S.-owned and operated environments over recent months.

In July, a source said a China-based group hacked government-owned, Microsoft-maintained email accounts, including those used by Commerce Secretary Gina Raimondo and Department of State employees. CISA said hackers were able to access and steal unclassified data.

In March, CISA said two hacking groups gained unauthorized access to the Microsoft Internet Information Services server of at least one U.S. federal agency.