Information Security News mailing list archives

Previous By Date Next
Previous By Thread Next

Agencywide Message to All NASA Employees: Breach of Personally Identifiable Information (PII)

From: InfoSec News <alerts () infosecnews org>
Date: Wed, 14 Nov 2012 00:41:08 -0600 (CST)
http://www.spaceref.com/news/viewsr.html?pid=42609

Source: NASA HQ
Posted Tuesday, November 13, 2012

From: HQ-NASA INC [mailto:hq-nasa-inc (at) nasa.gov]
Sent: Tuesday, November 13, 2012 2:30 PM
Subject: Breach of Personally Identifiable Information (PII)

AGENCYWIDE MESSAGE TO ALL NASA EMPLOYEES
Point of Contact: Kelly M. Carter, Information Technology and Communications Division, NASA Headquarters, kelly.carter (at) nasa.gov 

Message from the Associate Deputy Administrator:

Breach of Personally Identifiable Information (PII)
On October 31, 2012, a NASA laptop and official NASA documents issued to a Headquarters employee were stolen from the employee's locked vehicle. The laptop contained records of sensitive personally identifiable information (PII) for a large number of NASA employees, contractors, and others. Although the laptop was password protected, it did not have whole disk encryption software, which means the information on the laptop could be accessible to unauthorized individuals. We are thoroughly assessing and investigating the incident, and taking every possible action to mitigate the risk of harm or inconvenience to affected employees.
NASA has contracted with a data breach specialist, ID Experts, who will be sending letters to affected individuals, informing them that their sensitive PII was stored on the stolen laptop and they could be impacted by the breach. This notification also will provide them information on how to protect their identity using the fully managed services of ID Experts at no cost to the individual. These services will include a call center and website, credit and identity monitoring, recovery services in cases of identity compromise, an insurance reimbursement policy, educational materials, and access to fraud resolution representatives. If you receive a notification letter in the mail, follow the directions to activate your services as soon as possible.
All employees should be aware of any phone calls, emails, and other communications from individuals claiming to be from NASA or other official sources that ask for personal information or verification of it. NASA and ID Experts will not be contacting employees to ask for or confirm personal information. If you receive such a communication, please do not provide any personal information. 

[...]


______________________________________________
Visit the InfoSec News Security Bookstore
Best Selling Security Books and More!
http://www.shopinfosecnews.org
Previous By Date Next
Previous By Thread Next

Current thread: