saveComputers within the United States’ primary regulator for commercial nuclear power plants were successfully attacked three times in three years by at least two different hacking groups. Nuclear Regulatory Commission computers were infiltrated twice by foreigner attackers, and once by an unidentifiable individual, but both using recognizable tools: two attacks traced back to Google spreadsheet users to harvest credentials and malware hosted in Microsoft’s One Drive. Through a Freedom of Information Act request, NextGov discovered NRC personnel were baited with phishing emails asking for verification of user accounts by clicking a link and logging in. The link really took victims to “a cloud-based Google spreadsheet.” More