NASA Staff at Risk After Server Breach
(Dec 19, 2018)
The US-based space agency, NASA, announced that they may have suffered a data breach back in October 2018. They stated that one of their servers that stored employees' Social Security Numbers (SSN) and other Personally Identifiable Information (PII) might have been compromised and accessed by unauthorized persons. Employees that were on-boarded between July 2006 and October 2018 may have been affected in the breach. NASA is still investigating the compromise to determine the full extent of impacted employees and what sort of information was actually affected.
Recommendation: Leaks of this sort causes individuals to be at a large risk of phishing attacks. Actors can use this information to coerce more personal data from the victim. The exposure of Personally Identifiable Information (PII) requires affected individuals to take precautionary measure to protect their identity and their finances. Identity theft services can assist in preventing illicit purchases, or applying for financial services from taking place by actors using stolen data.
Indicators of Compromise (IOCs) associated with this story can be viewed by ThreatStream users here to identify potential malicious activity.