NASA memo warns staff personal data may have been stolen in a cyber attack

Hack has been under investigation since October, but staff only told now

NASA is investigating an attack on its servers in which personal data of employees is thought to have been stolen.

In an internal HR memo to all NASA staff dated 18 December, employees are warned than an unknown intruder infiltrated the organisation's systems in October.

"On Oct. 23, 2018, NASA cybersecurity personnel began investigating a possible compromise of NASA servers where personally identifiable information (PII) was stored," the memo says.

"After initial analysis, NASA determined that information from one of the servers containing Social Security numbers and other PII data of current and former NASA employees may have been compromised."

The time lag means that NASA staff could have been victims of identity theft and other criminal activities for two months. The unusually long period of time between discovery and announcement may indicate that US law enforcement preferred to keep the matter secret during investigations.

The space agency confirmed that it was working with "its Federal cybersecurity partners" in examining "the scope of the potential data exfiltration and identify potentially affected individuals".

The NASA memo indicates uncertainty about exactly whose PII may have been compromised, but everyone who worked with them between July 2006 and October 2018 could have been affected. NASA currently employs over 17,000 people, so the hacker could have made off with quite a data haul.

NASA has suffered a number of cyber attacks in recent years. In 2011 attackers took full control of a number of servers in the organisation's Jet Propulsion Laboratory, and in 2013 the group Master Italian Hackers Team defaced eight NASA websites.

In 2016 hacking group AnonSec broke into into NASA's network and attempted to to bring down a drone worth $222m. Flight videos and employee data was also compromised and 250GB of stolen data were later dumped on the web.