NASA still isn't sure how many staff members were affected.
You've Got Mail
A troubling email landed in the inboxes of all NASA employees on Tuesday.
The message, sent by the agency's human resources department, revealed that hackers may have breached NASA servers in recent months, accessing employees' personally identifiable information, including their Social Security numbers, in the process.
On the Case
According to the email, which was published by SpaceRef, members of NASA's cybersecurity team began investigating a potential compromise on October 23. In the course of that investigation, they determined that someone may have hacked NASA servers containing the personal info of anyone employed by the agency between July 2006 and October 2018.
NASA has already secured the affected servers and will continue to investigate the hack. Once it knows the names of the employees, past or present, specifically affected, it plans to reach out to them directly with follow-up information.
NASA does not believe the hack affected any of its missions, and for that, it should be grateful — as cybersecurity expert Sam Curry told The Independent, "while [personally identifiable information] and employee privacy are vital, there are many things at NASA in the national security domain and are of vital importance to the nation."
The agency might not be so lucky the next time it's hacked, which means it needs to do everything in its power to make sure there isn't a "next time."
"This is the third breach of NASA since 2011," Curry said. "The first priority should be to limit harm and help the victims while also ensuring that the breach is remediated, but after that it’s time to go into the more painful mission phase and learn from the results."
READ MORE: NASA Hack Exposes Data on Space Agency's Servers [The Independent]
More on national security: DARPA and NASA Form a Partnership to Create New Satellites