Cybersecurity

SSNs of NASA Employees may be in Hackers’ Hands

A possible compromise of servers where NASA stored data on current and former employees may have given hackers access to social security numbers (Bleeping Computers)
Google+ Pinterest LinkedIn Tumblr

A possible compromise of servers where NASA stored data on current and former employees may have given hackers access to social security numbers (SSN) and personally identifiable information (PII).

The incident occurred on or before October 23, when NASA cybersecurity team started to look into a possible server breach. Immediate action secured the machines and the data they stored.

There are no details on why the agency waited almost two months to disclose this security event.

Scope of the potential breach unknown

Although there is no information about the number of individuals potentially impacted by the incident, NASA says that the PII and SSN data had been collected on the impacted servers since July 2006.

In a notification from the Office of the Chief Human Capital Officer, the agency says that the persons potentially affected by this finding are civil service employees “who were on-boarded, separated from the agency, and/or transferred between Centers, from July 2006 to October 2018.”

For awareness reasons, the reached all NASA employees, even if their information may not have been compromised.

At the moment it is unclear if data exfiltration occurred, but if the investigation finds evidence of unauthorized access, the agency will start treating it as a data breach.

The agency believes that none if its missions have been endangered by this cybersecurity episode. NASA is currently trying to identify the individuals potentially impacted to give them specific details and offer them identity protection services and additional resources.

“This process will take time. The ongoing investigation is a top agency priority, with senior leadership actively involved,” the memo informs.

NASA is a constant target for hackers, who sometimes use a successful intrusion as bragging rights.

In 2016, hacking outfit AnonSec breached the agency’s network and stole personal information belonging to over 2,400 employees as well as video footage from NASA aircrafts, and flight logs. AnonSec released more than 250GB of data at the time.

Source: Bleeping Computers

4 Comments

  1. This article presents pleasant understanding of the subject matter. Thanks for the interesting write-up

  2. Excellent submit, very informative. I’m wondering why the other experts
    of this sector don’t notice this. You must
    proceed your writing. I’m confident, you have a great readers’ base already!

  3. Zorra Barton Reply

    I’m truly enjoying the design and layout of your site.
    It’s a very easy on the eyes which makes it much more enjoyable for me to come here and visit more often.
    Outstanding work!

Write A Comment