This is not a NASA Website. You might learn something. It's YOUR space agency. Get involved. Take it back. Make it work - for YOU.
IT/Web

Stolen Laptop Security Update

By Keith Cowing
NASA Watch
April 12, 2013
Filed under , , ,

NASA Internal Memo: Breach of Personally Identifiable Information Update
“As of now, there is no indication that any of the PII on the laptop has been used for fraudulent purposes as a result of this incident. However, we encourage anyone who receives a letter to take advantage of the services NASA is offering through ID Experts. The deadline to enroll in these services has been extended to May 31, 2013. Additionally, if you have registered with ID Experts and have experienced any suspicious activity, be sure to report it to ID Experts so they can help resolve it.”

NASA Watch founder, Explorers Club Fellow, ex-NASA, Away Teams, Journalist, Space & Astrobiology, Lapsed climber.

3 responses to “Stolen Laptop Security Update”

  1. dogstar29 says:
    0
    0

    The real security flaw here has nothing to do with the data on the computer, it’s the US credit system in which anyone with your SSN can open a credit account in your name or get access to your medical records. Obviously this should require a PIN you can change if it’s lost.

    The real cost of this incident, beyond the lost hardware itself, was the cost in CS and contractor hours in dealing with DAR, which doesn’t accomplish anything that could not have been done with already available encrypted data partitions and vastly complicates the password infrastructure with yet another set of non/domain passwords on an arbitrary rotation scheme, this time requiring a separate password file for each user on each laptop.

    • Geoffrey Landis says:
      0
      0

       Actually, according to a Microsoft report, stealing social security
      numbers gives you very little.  You can buy stolen social security
      numbers for pennies on the black market, but it’s not easy to turn them
      into cash.
      http://research.microsoft.c

  2. Anonymous says:
    0
    0

    Why was so much PII on a laptop? It seems whenever such data is compromised (and  govt agencies are not the only victims), much of reported is from stolen laptops. Why is everyone so hung up on laptops? They’re slow, run hot (sometimes catch fire!), get dropped, get beverages spilled on them. For such important data of PII nature, does it really need to be lugged around outside the office on a laptop? What about a big ugly tower bolted to a table in a room where you lock the door at end of day?