NASA has been compromised in October, the magnitude of the breach is still unkown
NASA employees received an interesting report yesterday that reveals a potential compromise of the agency's servers that apparently took place in late October — or at least it was discovered back then. According to this message, the information on a server containing Social Security numbers and other personally identifiable information of both current and former NASA employees "may have been compromised."
Obviously, the server has been quickly secured after the discovery of the potential data exfiltration. However, the process of identifying those affected takes a long time. According to the aforementioned internal memo, "NASA and its Federal cybersecurity partners are continuing to examine the servers to determine the scope of the potential data exfiltration and identify potentially affected individuals. This process will take time. The ongoing investigation is a top agency priority, with senior leadership actively involved. NASA does not believe that any Agency missions were jeopardized by the cyber incidents."
The same source reveals that "NASA Civil Service employees who were on-boarded, separated from the agency, and/or transferred between Centers, from July 2006 to October 2018, may have been affected." Once the individuals affected will be identified, NASA will provide them with specific follow-up information.
Fortunately, the NASA website is doing great and we all can enjoy those awesome space photos without any problems. We will get back to this story as soon as we find out anything new. Do you remember any other NASA server breaches? Were you ever part of a security team in charge of NASA servers and you can share some inside information with us? Don't be shy and drop a comment below.