The US National Aeronautics and Space Administration (NASA) suffered a data leak that have exposed employees PIIs. The cyber attack, however, shouldn’t have jeopardized any missions. A federal investigation is ongoing
U.S. National Aeronautics and Space Administration (NASA) suffered a cyber attack that have exposed employees social security numbers and other personal information (PII). According to SpaceRef, NASA issued a note in wich is explained that “cyber security personnel began investigating a possible compromise of servers where personally identifiable information (PII) was stored. After initial analysis, NASA determined that information from one of the servers containing Social Security numbers and other PII data of current and former NASA employees may have been compromised”. A tipical data leak. “Upon discovery of the incidents, NASA cyber security personnel took immediate action to secure the servers and the data contained within. NASA and its Federal cyber security partners are continuing to examine the servers to determine the scope of the potential data exfiltration and identify potentially affected individuals.” The Agency, however, “does not believe that any missions were jeopardized by the cyber incidents”.
The data leak may have affected the NASA Civil Service employees from July 2006 to October 2018
“This message is being sent to all NASA employees for awareness, regardless of whether or not your information may have been compromised,” the note on the data leak added. “Those NASA Civil Service employees who were on-boarded, separated from the agency, and/or transferred between Centers, from July 2006 to October 2018, may have been affected. Once identified, NASA will provide specific follow-up information to those employees, past and present, whose PII was affected, to include offering identity protection services and related resources, as appropriate. Our entire leadership team takes the protection of personal information very seriously. Information security remains a top priority for NASA. NASA is continuing its efforts to secure all servers, and is reviewing its processes and procedures to ensure that the latest security practices are being followed throughout the agency.”