Feeds

NASA 'nauts personal DATA at risk after laptop SNATCH BUNGLE

Total ban on non-encrypted disks outside the wire

Internet Security Threat Report 2014

A NASA laptop containing personal records of thousands of employees and contractors was stolen two weeks ago.

The computer, which contained a copy of workers' social security numbers among other information, was taken from a locked car near NASA HQ in Washington DC on 31 October, according to a leaked email.

The laptop was password protected, but the disk was partially unencrypted: "the information on the laptop could be accessible to unauthorized individuals," Richard Keegan, NASA's associate deputy administrator, wrote in the agency-wide memo published on the SpaceRef website. The missive went on to warn:

Because of the amount of information that must be reviewed and validated electronically and manually, it may take up to 60 days for all individuals impacted by this breach to be identified and contacted.

NASA has hired data-breach specialists to help tackle any fraud or identity theft in the wake of the blunder. As a result of the theft, NASA's chief administrator Charles Bolden has demanded that no agency laptops be allowed out of the property without full-disk encryption.

Bolden wants all NASA laptops fully encrypted by 21 December, has banned the storage of sensitive files on smartphones and tablets, and told everyone to purge sensitive files from laptops when they are no longer needed.

The Reg contacted NASA for comment but as yet has received no reply. ®

Remote control for virtualized desktops

More from The Register

next story
UK smart meters arrive in 2020. Hackers have ALREADY found a flaw
Energy summit bods warned of free energy bonanza
DRUPAL-OPCALYPSE! Devs say best assume your CMS is owned
SQLi hole was hit hard, fast, and before most admins knew it needed patching
Feds seek potential 'second Snowden' gov doc leaker – report
Hang on, Ed wasn't here when we compiled THIS document
Mozilla releases geolocating WiFi sniffer for Android
As if the civilians who never change access point passwords will ever opt out of this one
Why weasel words might not work for Whisper
CEO suspends editor but privacy questions remain
DEATH by PowerPoint: Microsoft warns of 0-day attack hidden in slides
Might put out patch in update, might chuck it out sooner
prev story

Whitepapers

Choosing cloud Backup services
Demystify how you can address your data protection needs in your small- to medium-sized business and select the best online backup service to meet your needs.
A strategic approach to identity relationship management
ForgeRock commissioned Forrester to evaluate companies’ IAM practices and requirements when it comes to customer-facing scenarios versus employee-facing ones.
Reg Reader Research: SaaS based Email and Office Productivity Tools
Read this Reg reader report which provides advice and guidance for SMBs towards the use of SaaS based email and Office productivity tools.
Intelligent flash storage arrays
Tegile Intelligent Storage Arrays with IntelliFlash helps IT boost storage utilization and effciency while delivering unmatched storage savings and performance.
Protecting against web application threats using SSL
SSL encryption can protect server‐to‐server communications, client devices, cloud resources, and other endpoints in order to help prevent the risk of data loss and losing customer trust.