The US National Aeronautics and Space Administration (NASA) disclosed a data breach of their servers containing Personally Identifiable Information (PII), including social security numbers. NASA informed their employees Tuesday in an internal memo.
The breach occurred a few months ago and was discovered on October 23rd. Two HR related servers were hit in the attack, affecting current and former Civil Service NASA employees from July 2006 to October 2018. The number of affected employees is still unknown; however, the agency plans to follow up with the employees once identified. They do not believe any of their missions were compromised, although the investigation has not been completed. Currently, the agency is focused on doing a full investigation into the breach working alongside federal cybersecurity partners and believes the investigation will take a while.
NASA in the internal memo stated:
“NASA and its Federal cybersecurity partners are continuing to examine the servers to determine the scope of the potential data exfiltration and identify potentially affected individuals. This process will take time. The ongoing investigation is a top agency priority, with senior leadership actively involved. NASA does not believe that any Agency missions were jeopardized by the cyber incidents.”
Further, affected servers were immediately secured after the discovery was made. Since then there has been an ongoing investigation, which NASA has said is a top priority. They plan to ensure all servers are secured and best security practices are being followed.
The space agency has also been hit breaches multiple data breaches in the last several years since 2011, when attackers took control of NASA computers. News of this breach came just days after an audit of the U.S ballistic missile system found major flaws in cybersecurity. The state of cybersecurity federally is weak and this breach is just the latest to occur in a government agency.
If your organization was hit with an data breach contact LIFARS immediately.