NASA discovered a potential compromise of servers storing personally identifiable information of current and former employees. The agency said it initially found that one of the servers containing Social Security numbers and other PII data of its workers was potentially affected by the cyber incident in October, according to an internal memo obtained by SpaceRef.
NASA noted the compromised information may include those from employees who entered or left the agency between July 2006 and October 2018. Bob Gibbs, assistant administrator of NASA’s Office of the Chief Human Capital Officer, said the investigation is ongoing to find other affected servers.Â
“NASA and its federal cybersecurity partners continue to examine the servers to determine the scope of the potential data exfiltration and identify potentially affected individuals,†he said in the memo.Â
However, Gibbs noted the process “will take time†and the investigation is a top agency priority. NASA intends to provide identity protection services to those affected by the incident.
