backtop


Print

NASA KSC has local law enforcement as well as NASA authorities on the case to see who is behind the breach

NASA had yet another laptop stolen earlier this month, which contained sensitive information on NASA KSC employees such as name, date of birth and social security number.

On March 16, NASA KSC Human Resources sent out an internal email to all employees alerting them that another breach had occurred. The email notes that a NASA laptop computer, which contains Personally Identifiable Information (PII), was stolen from a NASA KSC employee on March 5.

NASA KSC said that the sensitive information on NASA KSC employees released were name, race, national origin, gender, email, date of birth, social security number, contact phone number, college affiliation and grade point average.

NASA KSC has local law enforcement as well as NASA authorities on the case. Recovery services like identity, cyber and credit monitoring will also be made available to NASA KSC employees.

The following is the internal email sent to NASA employees last Friday:

From: KSC-Human-Resources
Sent: Friday, March 16, 2012 5:00 PM
To: KSC-DL-ExchangeWorld-(NASA)
Subject: NASA KSC Laptop Theft

You are receiving this communication to make you aware of a situation involving a potential compromise of Personally Identifiable Information (PII). All affected individuals will receive a subsequent communication through the U.S. mail at their home address. On March 5, 2012, a NASA laptop computer containing sensitive Personally Identifiable Information (PII) was stolen from a NASA KSC employee. We have verified that personal information was contained in the files that were on this laptop at the time it was stolen.

The files included information on NASA KSC employees such as name, social security number, race, national origin, gender, contact phone number, e-mail, date of birth, college affiliation, and grade point average.

Local and NASA law enforcement authorities are now conducting inquiries into the theft and the resulting potential for compromise of sensitive information.

NASA takes this loss very seriously and has convened a Breach Response Team to address this situation.

The team also is reviewing current policies and practices to determine what steps must be taken and what changes must be made to preclude a similar occurrence in the future. We do not believe that the PII contained in the files on the laptop computer was the motive for the theft. In addition, because the laptop computer was password protected, we also believe the probability is low that the information will be acquired and used for an unlawful purpose. At this time, there is no evidence to suggest that there has been any attempt to misuse any of your personal information.

However, we cannot say with certainty that PII is safe, so KSC has arranged with a company called Idexperts to provide affected individuals with cyber, identity, and credit monitoring and recovery services to help protect their identity, without cost, for a period of one year from the time of registration.

Next week a letter including a unique fraud monitoring enrollment code assigned by Idexperts will be mailed to affected individuals at their home address. This unique code will allow those affected to enroll with Idexperts to begin monitoring services (Note: recovery services are retroactive to March 5).

Employees who want to activate the monitoring service prior to letter receipt should send an email request to KSC-DL-Privacy-Manager@mail.nasa.gov from their government email address. We encourage those affected to take advantage of this free service. Additional information on identity theft can be found on the Federal Trade Commission web site: www.ftc.go. The web site also provides other valuable information that can be used now or in the future if problems should develop.

We deeply regret and apologize for any inconvenience and concern this breach may cause you.

Should you have any questions, a dedicated phone line is available for support at (321) 867-8905 between 7:30 am and 4:00 pm (Monday through Friday).

Tracy (Anania) Wetrich
Director of Human Resources
NASA, Kennedy Space Center
Phone: (321) 867-XXXX
Fax: (321) 867-XXXX


At the start of this month, it was discovered that NASA's International Space Station (ISS) control codes were stolen from NASA laptops. As a result, NASA engineers had to terminate certain parts of the station's software.

From April 2009 to April 2011, a total of 48 laptops were stolen from NASA. It was found that only 1 percent of laptops were encrypted, and that NASA's IT department seldom patches its computers.

NASA Inspector General Paul K. Martin said those that hacked NASA's laptops ranged from attention-seeking young adults to "criminal enterprises."

"These incidents spanned a wide continuum from individuals testing their skill to break into NASA systems, to well-organized criminal enterprises hacking for profit, to intrusions that may have been sponsored by foreign intelligence services seeking to further their countries' objectives," said Martin.

While NASA continues to battle with the incompetency of its IT department, it's also trying to focus on pulling off other endeavors like finding a way for American astronauts to get to the ISS without depending on Russia. After retiring its space shuttle program last year, American astronauts have had to ride on Russian Soyuz rockets to the ISS in order to deliver supplies, which costs about $60 million per seat. NASA currently has a contract with SpaceX, a California-based private commercial space transport company, to develop vehicles for unmanned and manned space missions for America.

Source: Space Ref





"The whole principle [of censorship] is wrong. It's like demanding that grown men live on skim milk because the baby can't have steak." -- Robert Heinlein







Latest Blog Posts
The Best Android Apps
Saimin Nidarson - May 20, 2017, 6:16 AM






botimage
Copyright 2017 DailyTech LLC. - RSS Feed | Advertise | About Us | Ethics | FAQ | Terms, Conditions & Privacy Information | Kristopher Kubicki