Earlier today, we reported that NASA had suffered a serious security breach when one of its employee's laptops was stolen from his vehicle. Later today, NASA stated that it was implementing new security rules to prevent having data compromised like this again. Now the agency has released stats on the contents of the laptop, saying that about 10,000 users have been compromised.
A NASA spokesperson told Computer World that "at least" 10,000 employees and contractors are at risk due to the information contained on the laptop. The system was password protected, but the actual data on the hard drive was not encrypted, making it exceptionally vulnerable. NASA waited two weeks before informing employees of the theft, stating that it worked with law enforcement during that time.
The agency's spokesperson Allard Beutel offered this statement. "NASA immediately began working with local law enforcement after the laptop was stolen, with the goal of recovering the computer and protecting the sensitive data. At the same time, NASA IT specialists and security officials began performing an exhaustive automated and manual analysis of the data to make sure everyone with information on the stolen laptop is notified."
Employees were informed via an email sent out from the Associate Deputy Administrator at NASA, Richard Keegan Jr. The email stated that a laptop had been stolen that contained personal information. Workers were warned that while the system was password protected, the data was not encrypted, and thusly it could be accessed by the thief.
[via Computer World]