Current and former employees of NASA from July 2006 through October 2018 could have been affected by a data breach, but the exact number is not known at this time. A server containing
PII (Personally Identifiable Information) of employee were discovered to have been hacked on October 23rd. Cybersecurity personnel belonging to NASA immediately began securing the server that had been breached to prevent any further information from being compromised. Federal cybersecurity acquaintances have also been called in to help determine how the breach happened, and what information was accessed. “Once identified, NASA will provide specific follow-up information to those employees, past and present, whose PII was affected, to include offering identity protection services and related resources, as appropriate,” Bob Gibbs from NASA said. Since NASA does not know exactly whose information has been compromised they’ve notified all their employees, so they can take preemptive measures regardless. A review of NASA’s security parameters is being done to analyze and make sure their system is secure enough to withstand any future attacks.
Since the scope of this attack is not yet known it is hard to determine how to handle the situation. In an instance like this, users may want to still contact banks and the social security office to forewarn them that suspicious activity may occur. Emails should also be monitored more strictly than usual for attempts of phishing and other fraudulent activity.