NASA on Tuesday disclosed a data breach involving current and former employees’ personal data.
The space agency discovered that one of its servers was compromised on Oct. 23, it revealed in an internal memo posted to Spaceref.
The server included employees’ personal info, including Social Security numbers, but the agency doesn’t know if that data was stolen. NASA is working with federal cybersecurity partners to figure it out.
“Those NASA Civil Service employees who were on-boarded, separated from the agency, and/or transferred between Centers, from July 2006 to October 2018, may have been affected.” Bob Gibbs, the assistant administrator in its office of human capital management, wrote in the memo.
The agency doesn’t believe any of its missions, which include the InSight lander’s, were compromised by the breach.
The memo doesn’t mention why NASA waited nearly two months to inform employees, but our sister site ZDNet (which previously reported on the memo) noted that US law enforcement regularly asks hacked organizations to delay notifying potential victims during an investigation.
NASA didn’t immediately respond to a request for comment.
Back in August, the US State Department suffered a data breach that.