Houston, we've had a problem: NASA fears internal server hacked, staff personal info swiped by miscreants

Another leak, this time it's personal. Plus: Trump launches Space Force, er, Command


A server containing personal information, including social security numbers, of current and former NASA workers may have been hacked, and its data stolen, it emerged today.

According to an internal memo circulated among staff on Tuesday, in mid-October the US space agency investigated whether or not two of its machines holding employee records had been compromised, and discovered one of them may have been infiltrated by miscreants.

It was further feared that this sensitive personal data had been siphoned from the hijacked server. The agency's top brass stressed no space missions were affected, and identity theft protection will be offered to all affected workers, past and present. The boffinry nerve-center's IT staff have since secured the servers, and are combing through other systems to ensure they are fully defended, we're told.

Anyone who joined, left, or transferred within the agency from July 2006 to October 2018 may have had their personal records swiped, according to NASA bosses. Right now, the agency employs roughly 17,300 people.

"Upon discovery of the incidents, NASA cybersecurity personnel took immediate action to secure the servers and the data contained within," the memo, issued by assistant administrator Bob Gibbs, stated.

"NASA and its federal cybersecurity partners are continuing to examine the servers to determine the scope of the potential data exfiltration and identify potentially affected individuals. This process will take time. The ongoing investigation is a top agency priority, with senior leadership actively involved. NASA does not believe that any agency missions were jeopardized by the cyber incidents."

In a statement to The Register today, a spokesperson for NASA told us:

On Oct. 23, 2018, NASA cybersecurity personnel began investigating the potential compromise of two NASA servers. One of the servers contained personally identifiable information (PII) on current and past NASA employees and these data may have been exfiltrated. The agency will provide identity protection services to all potentially affected individuals.

NASA does not believe that any agency missions were jeopardized by the intrusions. Once discovered, NASA took immediate action to secure the impacted servers and has been working to perform a forensic analysis since then – this process will take time. The ongoing investigation is a top NASA priority.

NASA takes cybersecurity very seriously and is committed to devoting the necessary resources to ensure the security of agency information and IT systems. The agency is continuing its efforts to secure all servers, and is reviewing its processes and procedures to ensure the latest security practices are followed throughout the agency.

We've asked NASA while it took nearly two months to inform staff, despite it being a top priority, and what exactly may have been exfiltrated. "We cannot go into specifics about the data," a spokesperson told us, adding: "However, 2 CFR 200.79 defines PII as “…information that can be used to distinguish or trace an individual's identity, either alone or when combined with other personal or identifying information that is linked or linkable to a specific individual." ®

Additional reporting by Richard Speed.

In other space news... President Donald Trump today instructed the Pentagon to form the US Space Command, which will pull in service personnel from all corners of Uncle Sam's armed forces. Space Command will be expected to take over space-related national security responsibilities previously held by the United States Strategic Command.

This is all part of the President's desire to set up a new branch of the military dubbed Space Force, which will counter any moves by Russia or China to jam or destroy American satellites or disrupt other US space operations.

Crucially, Trump may be unable to get the Democrat-controlled House of Reps to sign off on his Space Force dream, and so Space Command may be an attempt at establishing another route to setting up a standalone space-focused branch of the military. Space Command will be led by a four-star Senate-approved general or admiral, and more details on how exactly it will play out will be revealed within the next few weeks, according to Vice President Mike Pence.

Similar topics


Other stories you might like

  • City-killing asteroid won't hit Earth in 2052 after all
    ESA ruins our day with some bad news

    An asteroid predicted to hit Earth in 2052 has, for now, been removed from the European Space Agency's list of rocks to be worried about.

    Asteroid 2021 QM1 was described by ESA as "the riskiest asteroid known to humankind," at least among asteroids discovered in the past year. QM1 was spotted in August 2021 by Arizona-based Mount Lemmon observatory, and additional observations only made its path appear more threatening.

    "We could see its future paths around the Sun, and in 2052 it could come dangerously close to Earth. The more the asteroid was observed, the greater that risk became," said ESA Head of Planetary Defense Richard Moissl. 

    Continue reading
  • Returning to the Moon on the European Service Module
    Moving to series production and dealing with the US, where things are done slightly differently

    Interview NASA has set late August as the launch window for its much-delayed Artemis I rocket. Already perched atop the booster is the first flight-ready European Service Module (ESM). Five more are in the pipeline.

    Airbus industrial manager Siân Cleaver, whom The Register met at the Goodwood Festival of Speed's Future Lab, has the task of managing the assembly of the spacecraft, which will provide propulsion, power, water, oxygen and nitrogen for the Orion capsule.

    Looking for all the world like an evolution of the European Space Agency's (ESA) International Space Station (ISS) ATV freighter, the ESM is not pressurized and measures approximately 4 meters in length, including the Orbital Maneuvering System Engine (OMSE), which protrudes from the base.

    Continue reading
  • NASA tricks Artemis launch computer by masking data showing a leak
    Plus it aborts ISS reboost. Not the greatest start to the week, was it?

    NASA engineers had to work fast to avoid another leak affecting the latest Artemis dry run, just hours after an attempt to reboost the International Space Station (ISS) via the Cygnus freighter was aborted following a few short seconds.

    The US space agency on Monday rolled the huge Artemis I stack back to its Florida launchpad having worked through the leaks and problems that had beset its previous attempt at fueling the beast in April for an earlier dress rehearsal of the final countdown.

    As propellant was loaded into the rocket, controllers noted a hydrogen leak in the quick-disconnect that attaches an umbilical from the tail service mast on the mobile launcher to the core stage of the rocket.

    Continue reading
  • NASA ignores InSight's battery woes in pursuit of data
    Space boffins: Nevermind ekeing out the battery, let it go out in a blaze of glory!

    Pondering what services to switch off to keep your laptop going just that bit longer? NASA engineers can relate, having decided the Mars InSight lander will go out on a high: they plan to burn through the remaining power to keep the science flowing until the bitter end.

    The InSight lander is in a precarious position regarding power. A build-up of dust has meant the spacecraft's solar panels are no longer generating anywhere near enough power to keep the batteries charged. The result is an automatic shutdown of the payload, although there is a chance InSight might still be able to keep communicating until the end of the year.

    Almost all of InSight's instruments have already been powered down, but the seismometer remains active and able to detect seismic activity on Mars (such as Marsquakes.) The seismometer was expected to be active until the end of June, at which point it too would be shut-down in order to eke out the lander's dwindling supply of power just a little longer.

    Continue reading

Biting the hand that feeds IT © 1998–2022