Hackers Succeed in NASA Mission, Lifting Thousands of Employee Records | Threatpost | The first stop for security news

NASA has become the latest victim of a breach, but it’s unlikely that sensitive space mission data was impacted.

In an internal memo sent to employees, NASA admitted that it was hacked by an unauthorized intruder in October, and that personally identifiable information for thousands of employees was compromised, including Social Security numbers.

The server in question was apparently an HR database. Those affected are NASA Civil Service employees who were hired or those who left, and those that received transfers. The amount of information exfiltrated is potentially significant. The compromised records are from July 2006 to October 2018, i.e. 12 years’ worth of data.

“NASA and its federal cybersecurity partners are continuing to examine the servers to determine the scope of the potential data exfiltration and identify potentially affected individuals,” NASA said in a website notice on Wednesday. “This process will take time.”

Further details are scant, but some noted the obvious irony of one of the most technologically advanced entities in the U.S. (if not the world) falling prey to a common hack.

“Tech to send mission to Mars but can’t stop Internet attacks. Amazing!” tweeted one. Others took up the theme as well.

In the back of the room an alien grumbles: “Humans… they want to fly to Mars, but they can’t survive without dropping the ball at least once a day.”

— e-sushi 🎄 (@originalesushi) December 19, 2018

“NASA is long considered by many to be the epitome of high-tech, so a breach here is a great example that even the best and brightest can fall prey to hacking,” said Craig Young, computer security researcher for Tripwire’s Vulnerability and Exposure Research Team (VERT), in an email. “One of the most important things individuals can do to help avoid a breach is to be vigilant about password security and mindful of unsolicited links and attachments coming in over email and chat.”

However, given that federal cybersecurity is notoriously lagging, the incident is perhaps not a total surprise, especially since it could be related to other attacks.

“Those affected by the NASA breach were likely impacted by the previous NASA breaches, the 2015 Office of Personnel Management breach that affected 21.5 million federal employees and contractors, and, if they transferred to the Department of Defense since onboarding with NASA, they could have been victims of the DoD breach reported a few weeks ago,” said Michael Magrath, director, global regulations and standards, OneSpan, via email. “An ‘agency breach trifecta.’”

He added, “Their personally identifiable information is already on the Dark Web, available for sale.  In addition to Christmas cards in their mailbox, NASA employees will receive their breach notification letter which will include the usual standard operating procedure of free credit monitoring.”

Cover image courtesy of NASA/JPL.