Mayday! NASA Warns Employees of Personal Information Breach

[The AchieVer]

                                                                                                       

Another day, another data breach. This time it's the United States National Aeronautics and Space Administration (NASA)

NASA today confirmed a data breach that may have compromised personal information of some of its current and former employees after at least one of the agency's servers was hacked.

In an internal memo sent to all employees on Tuesday, NASA said the unknown hackers managed to gain access to one of its servers storing the personally identifiable information (PII), including social security numbers, of current and former employees.

The agency said NASA discovered the breach on October 23 when its cybersecurity personnel began investigating a possible breach of two of its servers holding employee records.

After discovering the intrusion, NASA has since secured its servers and informed that the agency is working with its federal cybersecurity partners "to examine the servers to determine the scope of the potential data exfiltration and identify potentially affected individuals." However, NASA said this process "will take time."

It should be noted that no space missions were jeopardized by the cyber incident, the agency said.

According to the agency, any NASA Civil Service employee who joined, left, or transferred within the agency from July 2006 to October 2018 may have had their personal data compromised. NASA currently employs roughly 17,300 people.

 

source

The agency said all the affected employees would be notified once identified, and offered identity theft protection services and related resources to all affected employees, past and present.

 

"Our entire leadership team takes the protection of personal information very seriously. Information security remains a top priority for NASA," said Bob Gibbs, assistant administrator at NASA's Office of the Chief Human Capital Officer.

"NASA is continuing its efforts to secure all servers, and is reviewing its processes and procedures to ensure that the latest security practices are being followed throughout the agency."

This is not the first time when the agency's servers have been compromised. NASA suffered a massive security breach in 2016 when a hacking group released 276GB of sensitive data including flight logs and credentials of thousands of its employees.

At that time, the hackers even attempted to crash a $222 million drone into the Pacific Ocean by gaining control over the drone by rerouting the flight path.

[Matrix]

 

 

Why it matters: NASA's recent disclosure further highlights the fact that even the most advanced government agencies are prone to data breaches. As high-value targets, it's these types of agencies that should have ironclad security.

NASA in a recent internal memo detailed a security incident in which personally identifiable information on current and former employees may have been compromised.

The memo, dated December 18 and shared by SpaceRef, notes that NASA cybersecurity personnel launched an investigation into the matter on October 23, 2018. The team determined that information from one of the compromised servers contained Social Security numbers and other personally identifiable information on some who were employed from July 2006 to October 2018.

NASA said it took immediate action to secure the servers and is working with federal cybersecurity partners to determine the scope of the incident and identify potentially affected employees. The agency didn’t say how many individuals may have been impacted but did highlight that it doesn’t believe any missions were jeopardized.

Once identified, impacted employees will be offered identity protection services and related resources, the memo states.

As we’ve come to realize over the years, several government agencies are ill-equipped to thwart potential security incidents. Earlier this month, an audit of five US Ballistic Missile Defense System locations found most of them had major security failures.

source

[The AchieVer]

@DonyMach1

I hope the font and article is readable now 

[Matrix]

1 minute ago, The AchieVer said:

@DonyMach1

I hope the font and article is readable now 

Indeed it is thanks for that 😊

[The AchieVer]

1 minute ago, DonyMach1 said:

Indeed it is thanks for that 😊

Today, I got the opportunity to post the articles using my system 🙂