Two top military laboratories in the United States, the Oak Ridge National Laboratory and Los Alamos National Lab, were the target of phishing attacks that resulted in access to personal information of visitors to the labs over a 14-year period.
According to the note, the unknown hackers gained access to a non-classified laboratory database, which contained personal information on people who have visited the facility in Oak Ridge, Tenn., over a 14-year period starting in 1990.
Thom Mason, director of the government research facility, said the hackers made about 1,100 attempts to steal data by sending an unknown number of staffers a total of seven phishing e-mails. It was not immediately clear from the letter if that meant a total of 1,100 such e-mails were sent or if 1,100 separate attempts were made to send such messages to the organization.
The coordinated phishing attacks have been traced back to servers from China. At risk were the names, birthdays, and social security numbers of all individuals who visited the labs during the period of 1990 to 2004.
In the backdrop of emerging cases of cyber-spying, the latest breaches will raise serious questions about the integrity of the security systems in place at top military and research institutions.