NASA reveals employee data breach in internal memo
Information on employees may have been exposed, but it's unlikely that missions were compromised.
NASA on Tuesday disclosed a data breach involving current and former employees' personal data.
The space agency discovered that one of its servers was compromised on Oct. 23, it revealed in an internal memo posted to Spaceref.
The server included employees' personal info, including Social Security numbers, but the agency doesn't know if that data was stolen. NASA is working with federal cybersecurity partners to figure it out.
"Those NASA Civil Service employees who were on-boarded, separated from the agency, and/or transferred between Centers, from July 2006 to October 2018, may have been affected," Bob Gibbs, the assistant administrator in NASA's office of human capital management, wrote in the memo.
The agency doesn't believe any of its missions, which include the InSight lander's work on Mars, were compromised by the breach.
The memo doesn't mention why NASA waited nearly two months to inform employees, but our sister site ZDNet (which previously reported on the memo) noted that US law enforcement regularly asks hacked organizations to delay notifying potential victims during an investigation.
"NASA takes cybersecurity very seriously and is committed to devoting the necessary resources to ensure the security of agency information and IT systems," the agency said in an emailed statement, which also noted that it'd provide identity protection services to those potentially affected.
Back in August, the US State Department suffered a data breach that exposed some employee data.
First published at 3:08 a.m. PT.
Updated at 5:55 a.m. PT: Added NASA statement.
NASA turns 60: And it's reinventing itself for the SpaceX era.
CNET's Holiday Gift Guide: The place to find the best tech gifts for 2018.