NASA just announced that there was a security breach in October where hackers were able to access sensitive employee information.
The number of employees that may have been affected is not known, but it does include current and former employees of the agency, which employs more than 17,000 in the civil service sector, according to spokeswoman Karen Northon.
NASA did confirm that on Oct. 23, 2018, there was a server breach that included access to identifiable information of civil service employees, such as social security numbers, Bloomberg reported.
This information was included in a communication sent Tuesday to NASA employees from Assistant Administrator at the Office of the Chief Human Capital Officer Bob Gibbs.
NASA says hackers stole employee information https://t.co/sUy4v9pYSP
— Bloomberg (@business) December 19, 2018
The hackers may have obtained sensitive information about employees who were or are employed with NASA from July 2006 to Oct. 2018, according to Panda Security.
On Tuesday, Gibbs said, “NASA does not believe that any Agency missions were jeopardized by the cyber incidents. This message is being sent to all NASA employees for awareness, regardless of whether or not your information may have been compromised. Those NASA Civil Service employees who were on-boarded, separated from the agency, and/or transferred between Centers, from July 2006 to October 2018, may have been affected,” according to the New York Post.
He added, “After initial analysis, NASA determined that information from one of the servers containing Social Security numbers and other PII data of current and former NASA employees may have been compromised. Upon discovery of the incidents, NASA cybersecurity personnel took immediate action to secure the servers and the data contained within.”
“This process will take time. Our entire leadership team takes the protection of personal information very seriously. Information security remains a top priority for NASA. NASA is continuing its efforts to secure all servers and is reviewing its processes and procedures to ensure that the latest security practices are being followed throughout the agency,” Gibbs said.
Northon sent an email stating, “Once discovered, NASA took immediate action to secure the impacted servers and has been working to perform a forensic analysis since then—this process will take time. The ongoing investigation is a top NASA priority.”
NASA said they will provide the affected employees with identity protection at no charge.
NASA’s servers were hacked back in October, but the agency is just now revealing the severity of the hack pic.twitter.com/q7KdSJR02L
— Mashable (@mashable) December 19, 2018
Some people, however, want answers as to why it took NASA over 60 days to divulge the breach to those affected and why they still don’t have any answers about who the hackers are or why they did it.
NASA has guaranteed their employees that the problem has been resolved and the danger has been removed.
NASA said they are working with “federal cybersecurity partners” to weigh the damage.