The United States National Aeronautics and Space Administration (NASA) has confirmed that they have been hacked this year which may have compromised the personal information of some of its current and former employees.
An internal memo was sent to all its employees which states that an unknown intruder had attained access to one of its servers storing the personal data of all their employees including the current and former ones. It includes Social Security numbers as well.
It is worth mentioning that no space missions were jeopardized by the cyber incident.
They have discovered the hack on October 23 and it is not clear why the agency waited almost two months to notify its employees. However, it is a common procedure to delay notifying affected victims while the US law enforcement does the investigation.
NASA reported that they were working with federal cybersecurity partners to examine the servers to determine the scope of the potential data exfiltration and identify potentially affected individuals.
The agency is not totally aware of the scope of the breach and how many employees are affected by it. NASA had sent the memo to notify all employees so that they could take countermeasures against possible fraud.
All the NASA Civil Service employees who had joined, left or transferred between Centers, from July 2006 to October 2018, may have been affected. When identified all the employees will be notified and offered identity theft protection services and related resources.
This is not the first time NASA has been affected by a data breach. They have suffered similar security breaches in 2011 and 2016.