Sensitive NASA data at risk following stolen laptop

Share this article:

A laptop containing the unencrypted personal information belonging to NASA workers was stolen from an employee's car.

How many victims? A “large number” of workers, according to an email sent to NASA employees.

What type of personal information? Personally identifiable information, including Social Security numbers.

What was the response? The agency offered free credit-monitoring services for affected employees. In addition, NASA has implemented new policies that include the mandatory full-disk encryption for agency-issued computers that leave the premises, as well the adoption of a rule that does not allow employees to store sensitive data on mobile devices. By Dec. 21 all of the agency's laptops must be encrypted.

Details: The breach took place on Oct. 31, and a letter alerting employees of the incident was sent this week. Along with the laptop containing the unencrypted data, other documents were said to have been stolen. NASA faced a similar breach in March 2011 after a laptop was stolen from an employee's car at the Kennedy Space Center in Florida.

Quote: “We are thoroughly assessing and investigating the incident, and taking every possible action to mitigate the risk of harm or inconvenience to affected employees,” Richard Keegan Jr., associate deputy administrator at NASA, said in an email to employees.

Source: www.space.com, “Stolen NASA Laptop Prompts New Security Rules,” Nov. 15, 2012.

Share this article:
You must be a registered member of SC Magazine to post a comment.

Sign up to our newsletters

POLL

More in The Data Breach Blog

Florida medical center hit with breach for third time in two years

Aventura Hospital and Medical Center has reported a data breach for the third time in two years.

Tampa General Hospital breach impacts hundreds of patients

Tampa General Hospital is notifying 675 patients that their personal information may have been accessed, without authorization, by a former employee.

George Mason University travel system targeted for malware attack

The incident could have exposed the names and Social Security numbers of users, although no evidence has surfaced to suggest that's the case.