[ISN] Agencywide Message to All NASA Employees: Breach of Personally Identifiable Information (PII)

From: InfoSec News <alerts_at_private>
Date: Wed, 14 Nov 2012 00:41:08 -0600 (CST)
http://www.spaceref.com/news/viewsr.html?pid=42609

Source: NASA HQ
Posted Tuesday, November 13, 2012

From: HQ-NASA INC [mailto:hq-nasa-inc (at) nasa.gov]
Sent: Tuesday, November 13, 2012 2:30 PM
Subject: Breach of Personally Identifiable Information (PII)

AGENCYWIDE MESSAGE TO ALL NASA EMPLOYEES

Point of Contact: Kelly M. Carter, Information Technology and Communications 
Division, NASA Headquarters, kelly.carter (at) nasa.gov

Message from the Associate Deputy Administrator:

Breach of Personally Identifiable Information (PII)

On October 31, 2012, a NASA laptop and official NASA documents issued to 
a Headquarters employee were stolen from the employee's locked vehicle. 
The laptop contained records of sensitive personally identifiable 
information (PII) for a large number of NASA employees, contractors, and 
others. Although the laptop was password protected, it did not have 
whole disk encryption software, which means the information on the 
laptop could be accessible to unauthorized individuals. We are 
thoroughly assessing and investigating the incident, and taking every 
possible action to mitigate the risk of harm or inconvenience to 
affected employees.

NASA has contracted with a data breach specialist, ID Experts, who will 
be sending letters to affected individuals, informing them that their 
sensitive PII was stored on the stolen laptop and they could be impacted 
by the breach. This notification also will provide them information on 
how to protect their identity using the fully managed services of ID 
Experts at no cost to the individual. These services will include a call 
center and website, credit and identity monitoring, recovery services in 
cases of identity compromise, an insurance reimbursement policy, 
educational materials, and access to fraud resolution representatives. 
If you receive a notification letter in the mail, follow the directions 
to activate your services as soon as possible.

All employees should be aware of any phone calls, emails, and other 
communications from individuals claiming to be from NASA or other 
official sources that ask for personal information or verification of 
it. NASA and ID Experts will not be contacting employees to ask for or 
confirm personal information. If you receive such a communication, 
please do not provide any personal information.

[...]


______________________________________________
Visit the InfoSec News Security Bookstore
Best Selling Security Books and More!
http://www.shopinfosecnews.org 
Received on Tue Nov 13 2012 - 22:41:08 PST

This archive was generated by hypermail 2.2.0 : Tue Nov 13 2012 - 22:56:47 PST