Serviceteam IT Security News

A probe launched immediately after the discovery of the suspected incident has yet to establish the scale of the potential damage

The United States’ National Aeronautics and Space Administration (NASA) has notified all of its employees that their personal data may have been exfiltrated in a suspected security incident discovered two months ago.

“On Oct. 23, 2018, NASA cybersecurity personnel began investigating a possible compromise of NASA servers where personally identifiable information (PII) was stored,” NASA’s chief human capital officer Bob Gibbs said in an internal memo obtained by media company SpaceRef.

In fact, the data feared stolen includes the Social Security numbers and other records of not only current, but also past NASA employees. Currently, the agency has over 17,000 staff.

“Those NASA Civil Service employees who were on-boarded, separated from the agency, and/or transferred between Centers, from July 2006 to October 2018, may have been affected,” wrote Gibbs about the incident that is thought to have targeted two of the agency’s servers, including one storing employee records.

The truth is out there

Immediately after becoming aware of the potential breach, NASA launched an investigation to “determine the scope of the potential data exfiltration and identify potentially affected individuals”.

“This process will take time. The ongoing investigation is a top agency priority, with senior leadership actively involved. NASA does not believe that any agency missions were jeopardized by the cyber incidents,” reads the memo.

The agency also said that it has taken steps to ramp up its security and will offer identity protection services for employees found to be affected by the incident.

NASA is no stranger to security incidents, having fallen victim to a breach as recently as 2016. Four years earlier, the theft of an employee’s laptop without full-disk encryption in place jeopardized the codes used to control and command the International Space Station. In 2011, the agency suffered no fewer than 13 successful attacks attributed to Advanced Persistent Threat (APT) groups. In one hacking case that attracted a great deal of public interest, IT expert Gary McKinnon broke into NASA’s systems back in 2001-2002, reportedly in search for “UFO cover-ups”.

In 2013, the agency came under fire for deficiencies in its cloud security.

Source: HERE

With over 20 years of experience, Serviceteam IT design and deliver sophisticated connectivity, communication, continuity, and cloud services, for organisations that need to stay connected 24/7. We take the time to fully understand your current challenges, and provide a solution that gives you a clear understanding of what you are purchasing and the benefits it will bring you.

To find out how we can help you, call us on 0121 468 0101, use the Contact Us form, or why not drop in and visit us at 49 Frederick Road, Edgbaston, Birmingham, B15 1HN.

We’d love to hear from you!