The National Laboratory of Idaho found itself at the center of a cybersecurity storm, acknowledging a data breach on Tuesday (Nov. 22) that placed sensitive employee information at risk. The hackers' demand to explore the creation of "irl catgirls" serves as a bizarre twist in the world of cyber threats.
Acknowledging Data Breach
The Idaho National Laboratory (INL) acknowledged a data breach on Tuesday, with the hacktivist group SiegedSec, self-described as "gay furry hackers," claiming responsibility. According to SiegedSec, they gained access to sensitive employee information, including social security numbers and home addresses.
SiegedSec proposed a deal with INL, offering to remove the post if the laboratory explores the creation of "irl catgirls." Last month, SiegedSec targeted NATO in a high-profile attack, leaking internal documents as a response to perceived human rights violations by member countries.
The hacktivist group is known for politically motivated attacks on government and affiliated organizations, such as targeting state governments for anti-trans legislation earlier this year.
Engadget received confirmation on Wednesday that Idaho National Laboratory (INL) experienced a cybersecurity breach on November 20. The breach occurred in a federally approved vendor system outside the lab, supporting INL's cloud Human Resources services.
INL, affiliated with the Department of Energy, is engaged in nuclear reactor research and various projects related to sustainable energy. With a workforce surpassing 5,000, the laboratory plays a significant role in advancing cutting-edge research initiatives.
Knowing SiegedSec
In the wake of Russia's invasion of Ukraine, the hacktivist collective SiegedSec emerged, led by the enigmatic figure known as "YourAnonWolf." With a sudden surge in activity, the group, humorously self-identifying as "gay furry hackers," quickly made a name for itself with a growing list of targets.
Operating with a blend of comical slogans and explicit language, SocRadar reported that SiegedSec is affiliated with other hacking entities like GhostSec, drawing members likely within the age range of 18 to 26.
Their Telegram channel, established on April 3, 2022, marks the group's initial presence, accompanied by a chat channel where, beyond discussing attacks, casual conversations and risqué humor abound.
Also read : Philippine Cybercriminal Exposes Government's Alarming Cybersecurity Failures With 'Admin123' Password
The attack stirred concerns, as sensitive employee information is now at risk. Despite assurances that no nuclear secrets, intellectual property, or research and development (R&D) information was compromised, the exposure of details belonging to individuals contributing to advanced Nuclear Energy R&D raises significant unease.
Colin Little, a security engineer at Centripetal, highlights the potential risks, emphasizing that politically motivated entities could exploit the leaked data to identify and target top Nuclear Energy researchers in the United States.
In response to the breach, Dark Reading reported that INL is actively gathering information and plans to communicate with its employees promptly to address the situation.
Related Article: DNA Testing Companies Adopt 2-Factor Authentication in Response to 23andMe Data Breach