Sensitive NASA data at risk following stolen laptop

Share this article:

A laptop containing the unencrypted personal information belonging to NASA workers was stolen from an employee's car.

How many victims? A “large number” of workers, according to an email sent to NASA employees.

What type of personal information? Personally identifiable information, including Social Security numbers.

What was the response? The agency offered free credit-monitoring services for affected employees. In addition, NASA has implemented new policies that include the mandatory full-disk encryption for agency-issued computers that leave the premises, as well the adoption of a rule that does not allow employees to store sensitive data on mobile devices. By Dec. 21 all of the agency's laptops must be encrypted.

Details: The breach took place on Oct. 31, and a letter alerting employees of the incident was sent this week. Along with the laptop containing the unencrypted data, other documents were said to have been stolen. NASA faced a similar breach in March 2011 after a laptop was stolen from an employee's car at the Kennedy Space Center in Florida.

Quote: “We are thoroughly assessing and investigating the incident, and taking every possible action to mitigate the risk of harm or inconvenience to affected employees,” Richard Keegan Jr., associate deputy administrator at NASA, said in an email to employees.

Source: www.space.com, “Stolen NASA Laptop Prompts New Security Rules,” Nov. 15, 2012.

Share this article:

Sign up to our newsletters

POLL

More in The Data Breach Blog

Thousands had data on computers stolen from California medical office

Bay Area Pain Medical Associates notified about 2,780 patients that their data was on computers stolen from its California offices.

Subcontractor breach impacts 1,700 in Dominion Resources employee wellness plan

About 1,700 people in the Dominion Resources employee wellness program have been notified that their data was accessed in a breach.

Document posted to California city website, employee data accessed

In California, a document posted to the City of Encinitas website contained data on hundreds of current and former city staffers.