Idaho National Laboratory (INL) recently suffered a massive data breach that affected its human resources systems. INL is a long-established laboratory that has made important achievements in the field of nuclear energy. However, the laboratory, which claims to be a leader in critical infrastructure system security, suffered this security breach.
Idaho National Laboratory spokesperson Lori McNamara confirmed that the laboratory's cybersecurity data breach did occur, affecting the Oracle HCM system that supports its human resources applications. server. INL took swift steps to protect its employees' data and has partnered with federal law enforcement agencies, including the FBI and the Department of Homeland Security's Cybersecurity and Infrastructure Security Agency, to investigate the scope of the affected data.
An unidentified group of hackers claimed responsibility for the incident and claimed to have obtained hundreds of thousands of data points from the Idaho National Laboratory. The data reportedly included dates of birth, email addresses, phone numbers, Social Security numbers, physical addresses and employment information.
INL is one of 17 national laboratories affiliated with the U.S. Department of Energy and is said to have more than 6,000 researchers and support staff. This incident highlights the importance of cybersecurity and the inadequacy of traditional multi-factor authentication (MFA) in preventing data breaches.
Token CEO John Gunn believes that 90%’s data breach resulted from a successful phishing attack, and that traditional multi-factor authentication (MFA) is often the source of the problem. He pointed out that cybercriminals are increasingly using artificial intelligence technology, which will make the situation more serious. This incident reminds us that strengthening cybersecurity measures and adopting more advanced authentication methods is crucial.