Nasa data breach: what happened and who is affected?

Nasa has emerged as the latest major organisation to suffer a cyber attack after an internal memo revealed that employee information had been leaked.

The US space agency said in a message to workers on Tuesday that two of its severs had been accessed by an unauthorised party on 23 October.

The memo, posted by science news site SpaceRef, reveals that the severs contained information about current and former employees, including Social Security numbers.

Subscribe to The Week

Escape your echo chamber. Get the facts behind the news, plus analysis from multiple perspectives.

SUBSCRIBE & SAVE

Sign up for The Week's Free Newsletters

From our morning news briefing to a weekly Good News Newsletter, get the best of The Week delivered directly to your inbox.

From our morning news briefing to a weekly Good News Newsletter, get the best of The Week delivered directly to your inbox.

Sign up

“Nasa is continuing its efforts to secure all servers, and is reviewing its processes and procedures to ensure that the latest security practices are being followed throughout the agency,” said Nasa’s assistant administrator Bob Gibbs in the company-wide note.

He added that the agency is working with “cybersecurity partners” to examine the extent of the data breach and determine which personnel have been impacted by the attack.

Speaking to The Independent, Sam Curry, chief security officer at security firm Cybereason, said Nasa’s first priority will be “to limit harm and help the victims while also ensuring that the breach is remediated, but after that it’s time to go into the more painful mission phase and learn from the results”.

But it’s not the first time the space agency has been entangled in a cyber security scandal.

In 2012, Nasa inspector general Paul K Martin told US lawmakers that hackers gained “full functional control” of the agency’s key computers in 2011 and were in a position to “modify, copy, or delete sensitive files”, the BBC reports.

Martin claimed that the agency suffered “5,408 computer security incidents” between 2010 and 2011.

He added that the agency is a “target-rich environment for cyber attacks”. Individuals are motivated by “testing their skill to break into Nasa systems, to well-organised criminal enterprises hacking for profit, to intrusions that may have been sponsored by foreign intelligence services”.

The Nasa attack follows other major data breaches in 2018, including the Marriott Starwood leaks in November and the British Airways hack in September.

Who is affected?

Staff employed by Nasa between July 2006 and October 2018 may have had their data exposed by the attack, though the company has not been able to narrow down whether hackers stole any personal information.

Along with Social Security numbers being exposed, the agency claims that personally identifiable information (PII), a broad term that could include anything from a person’s date of birth to their passport number, may also have been “exfiltrated”.

Nasa has urged workers to “take the necessary precautions to prevent possible identity theft”, says Gizmodo.

Why Nasa waited two months to go public on the hack has not been revealed. However, tech news site ZDNet says it is “common” for authorities in the US to asked hacked organisations to “delay notifying affected victims while they investigate an incident”.

Were missions compromised?

Not at the moment, no. Nasa said it “does not believe that any agency missions were jeopardised by the cyber incidents”.