Hackers breach Russia’s Radon nuclear waste plant, claim to steal entire database

Radon, a nuclear waste management facility operated by Russia’s state-owned nuclear energy corporation Rosatom, has reportedly suffered a major cybersecurity breach, with attackers claiming to have stolen the company’s entire database, including sensitive testing and personnel data.

The stolen information appeared this week on a prominent data leak forum, where the threat actors posted evidence of the intrusion and alleged that they had gained access to testing statistics, names of personnel conducting radiation analyses, and user account details. The authenticity of the leaked data has not yet been independently verified, but the incident has raised concerns about cybersecurity vulnerabilities within critical infrastructure sectors handling hazardous materials.

Headquartered in Moscow, Radon is Russia’s primary operator for the management and disposal of nuclear waste. The company is responsible for collecting, transporting, storing, and disposing of low- and intermediate-level radioactive waste, as well as conducting radiation monitoring and environmental safety assessments. From 1986 to 1989, Radon was involved in cleanup operations following the Chernobyl disaster.

Attackers claim that the exposed information includes tester names, test statistics, user IDs, email addresses, phone numbers, and other state-related data. If confirmed, the breach could allow malicious actors to exploit the information to forge testing documents or misrepresent safety data, potentially undermining environmental and public safety assessments related to radioactive materials.

Cybersecurity experts warn that access to employee contact information and personally identifiable data could facilitate social engineering or spear-phishing campaigns aimed at deeper network infiltration.

Radon has not yet issued an official statement on the alleged incident. The breach, if verified, would represent one of the most significant cyber intrusions involving a nuclear waste management facility, highlighting the ongoing risks posed by digital attacks on critical national infrastructure.