NASA, in response, has required employees to keep agency-issued laptops on the premises in response to the matter.
The laptop in question was reportedly taken during October 31, coincidentally Halloween.
“The laptop contained records of sensitive personally identifiable information (PII) for a large number of NASA employees, contractors, and others. Although the laptop was password protected, it did not have whole disk encryption software, which means the information on the laptop could be accessible to unauthorized individuals,” stated the agency in an email message appearing via spaceref.com.
NASA, meanwhile, is working with data breach specialist ID Experts to inform any employees affected by the incident. The company is also providing those hit with security monitoring, among other offerings.
The process of notification could take up to sixty days.
In no way is it the first time NASA has faced high profile security problems. Earlier this year in March, in a U.S. Congressional report, NASA Inspector General Paul K. Martin detailed an incident in which a hacker successfully obtained data pertaining to over 150 staff members. During that time, Martin also addressed the need to secure data, especially considering federal agencies’ shift towards cloud reliance.
In 2011 alone, NASA reportedly faced 47 APTs, also known as “advanced persistent threats.”