As NASA prepared to welcome astronauts returning from the International Space Station on Wednesday, December 19, 2018, we also got word of a data breach on NASA servers.
The NASA tracking website Spaceref shared an internal memo to NASA staff about the breach:
"On Oct. 23, 2018, NASA cybersecurity personnel began investigating a possible compromise of NASA servers where personally identifiable information (PII) was stored. After initial analysis, NASA determined that information from one of the servers containing Social Security numbers and other PII data of current and former NASA employees may have been compromised.
Upon discovery of the incidents, NASA cybersecurity personnel took immediate action to secure the servers and the data contained within. NASA and its Federal cybersecurity partners are continuing to examine the servers to determine the scope of the potential data exfiltration and identify potentially affected individuals. This process will take time. The ongoing investigation is a top agency priority, with senior leadership actively involved."
NASA also said in the memo that it does not believe any of NASA's mission critical systems were involved in the breach.
SecureWorld does more than create regional cybersecurity conferences, we also spend a lot of time tracking information security news, and this year that included stories on NASA: Implementing the NIST Security Framework at NASA: An Urgent Need as well as Comparing NASA's 9 Cyber Priorities to Yours
[Sort of related: A Moonshot for InfoSec? Google's Parent Company Starts Security Firm]
Image credit: NASA, of course!