NASA IT Blunder Update

NASA Suffers “Large” Data Breach Affecting, IEEE Spectrum
“Why it has taken so long for NASA to finally decide to fully encrypt its laptops remains a mystery, given its long-time poor record on IT security. As noted at NASA Watch, NASA has a history of laptops with personally identifiable information being stolen, one as recently as March. Maybe NASA decided to act this time because it involved a NASA Headquarters’ person who in all likelihood is very senior and should have known better than to possess a laptop with no data encryption.”
NASA finally demands encryption on employee machines after another laptop is stolen, The Verge
“Why the concern? Well, the laptop’s hard drive wasn’t encrypted, and nor were any of its sensitive documents. The theft, which was revealed to employees in an agency-wide email obtained by SpaceRef, is being spun as a wake up call for NASA to beef up its security standards on employees’ laptops.”
NASA scrambles to encrypt laptops after major breach, Computer World
“Gant Redmon, general counsel and vice president of business development at Co3 Systems, an incident management company, said the issue is why NASA didn’t take measures to encrypt all of its systems sooner. “I have two questions. Why didn’t they have it before the [March] incident? Why didn’t they have it after that first breach?”
NASA Says Staff Information Was on Stolen Laptop, New York Times
“This is not the first time NASA has suffered a serious breach. The agency has long been a target for cybercriminals looking to pilfer sensitive research.”
Laptop with NASA workers’ personal data is stolen, Reuters
“The laptop theft is the latest in a string of NASA security breaches over the past few years. In March, a Kennedy Space Center worker’s laptop that contained personal information on about 2,300 employees and students was stolen.”
Yet Another NASA IT Blunder, earlier post