According to a NextGov exclusive, computers at the US Nuclear Regulatory Commission have been breached by foreign hackers at least twice in the last three years. The news comes from an official report from the Inspector General’s Cyber Crime Unit, which led the investigation. In the first breach, the tactic was a simple phishing scheme, sending an email to multiple employees asking them to fill out Google doc with their login information. A dozen employees clicked on the link, although it’s still unclear how many actually filled out the form. Later, an NRC employee’s personal email was hacked and used to send malware-laden PDFs to 16 different employees.