According to the data breach notification, hackers have breached at least one of the agency’s servers, the security breach impacted both past and present employees.
Website SpaceRef published a data breach notification note sent by the NASA to its employees, the Agency informed them of an ongoing investigation due to an intrusion into its servers on October 23.
“On Oct. 23, 2018, NASA cybersecurity personnel began investigating a possible compromise of NASA servers where personally identifiable information (PII) was stored.” reads the note obtained by
“After initial analysis, NASA determined that information from one of the servers containing Social Security numbers and other PII data of current and former NASA employees may have been compromised.”
Initial analysis confirmed that social security numbers and other personally identifiable information (PII) stored on one server may have been stolen.
The US agency and its Federal cybersecurity partners are analyzing the internal infrastructure to determine the scope of the potential data exfiltration and identify potentially affected individuals.
“The ongoing investigation is a top agency priority, with senior leadership actively involved. NASA does not believe that any Agency missions were jeopardized by the cyber incidents,” continues the note.
NASA will provide specific follow-up information to the affected employees and also identity protection services.
“Our entire leadership team takes the protection of personal information very seriously. Information security remains a top priority for NASA. NASA is continuing its efforts to secure all servers, and is reviewing its processes and procedures to ensure that the latest security practices are being followed throughout the agency,” the note concludes.
(SecurityAffairs –hacking, data breach)
Necessary cookies are absolutely essential for the website to function properly. This category only includes cookies that ensures basic functionalities and security features of the website. These cookies do not store any personal information.
Any cookies that may not be particularly necessary for the website to function and is used specifically to collect user personal data via analytics, ads, other embedded contents are termed as non-necessary cookies. It is mandatory to procure user consent prior to running these cookies on your website.