NASA Confirmed Data Breach After an Internal Server Was Hacked

Continuing the trail of data breaches, now NASA joins the list. NASA confirmed the data breach to its employees since noticing an internal server that was compromised by so far unidentified hackers.

NASA Confirmed Data Breach In Internal Memo

In a recent memo disclosed to employees, NASA confirmed a data breach relating to one of their internal servers. Allegedly, the server contained personal information of employees which may have leaked to the hackers, the data included social security numbers.

As revealed, the cybersecurity personnel at NASA discovered the breach in October while investigating a server containing employees’ PII data. NASA have not clearly stated what exactly the leaked data includes, however they did confirm the breach of Social Security numbers.

“After initial analysis, NASA determined that information from one of the servers containing Social Security numbers and other PII data of current and former NASA employees may have been compromised.”

 

Stephan Chenette, CTO and co-founder from AttackIQ made the following comment to LHN:

“This is not the first time we have seen NASA suffer a security breach. In 2011, the agency admitted to 13 separate major network breaches, and in 2016 we saw another major hack compromise NASA employee data, flight logs and videos, and the intruders were even able to alter the path of one of NASA’s drones. Now NASA’s current and former employees have had their personally identifiable information compromised, including Social Security numbers, exposing those affected to further instances of fraud and data leaks through other vectors.

Earlier this year, NASA received more than $20 billion for its fiscal year 2018 budget, its best budget since 2009. After multiple serious security incidents, the agency needs to reevaluate the funds and resources it is dedicating toward cybersecurity and adopt solutions that provide visibility into their cyber readiness on a continuous basis to ensure that its systems are operating as intended and defending the organization’s data. A more robust solution will give NASA’s executive team the confidence that their operations will not be interrupted by a security breach, thus saving time, money, intellectual property and more.”

Hackers Not Identified Yet…

At the moment, they haven’t disclosed any details regarding the impact of the breach. Rather they confirm that investigations are underway. This also includes investigations regarding the identification of hackers.

“NASA and its Federal cybersecurity partners are continuing to examine the servers to determine the scope of the potential data exfiltration and identify potentially affected individuals. This process will take time.”

The notice addresses all employees.

“This message is being sent to all NASA employees for awareness, regardless of whether or not your information may have been compromised. Those NASA Civil Service employees who were on-boarded, separated from the agency, and/or transferred between Centers, from July 2006 to October 2018, may have been affected.”

Moreover, they also pledge to continue efforts to ensure adequate server security and best practices. Perhaps, after recalling the previous history of hacks, it becomes evident that NASA certainly needs to improve their security practices.

Jacob Serpa, product marketing manager at Bitglass made the following comments to LHN:

“The scope of this breach is still unknown; however NASA has more than 17,000 employees (and more former employees) who may have been affected. While NASA confirmed that it was working with federal authorities to investigate the breach, waiting two months to notify employees is quite negligent – particularly in light of the fact that Social Security numbers were exposed. Obviously, the best case scenario is to avoid breaches altogether; however, if one does occur, proper steps must be taken to mitigate damage and communicate with affected stakeholders in a timely manner.

To prevent unauthorized access to sensitive data, organizations must adopt robust, flexible, and proactive cybersecurity platforms. These platforms must include identity and access management capabilities for verifying users’ identities, detecting potential intrusions, and enforcing step-up, multi-factor authentication in real time.”

We shall update this article as we get to know more details.

Related posts

Hard-Coded Credentials Vulnerability Found In Kubernetes Image Builder

Critical Vulnerability Patched In Jetpack WordPress Plugin

Astaroth Banking Malware Runs Actively Targets Users In Brazil