NASA Internal Memo: Breach of Personally Identifiable Information (PII) Update


image Subject: Breach of Personally Identifiable Information (PII) Update.
From: HQ-NASA INC
Date: December 21, 2012

AGENCY-WIDE MESSAGE TO ALL NASA EMPLOYEES
Point of Contact: Kelly Carter, NASA Headquarters, HQ-Privacy@mail.nasa.gov

Breach of Personally Identifiable Information (PII) Update.

The purpose of this message is to provide an update on the status of the breach of Personally Identifiable Information (PII) that occurred on October 31, 2012.

We understand the concern and anxiety that this incident has caused the NASA community, and we are committed to ensuring it does not happen again. The Office of the Administrator has remained involved throughout the breach response process, and NASA senior management is receiving weekly updates on the breach and status of the Data-at-Rest (DAR) encryption initiative.

NASA has reallocated resources and has been working overtime to achieve the goal of 100 percent laptop encryption as quickly as possible and has made tremendous progress. In the past few weeks, more than 11,000 laptops have been encrypted, and, as of December 17th, NASA had encrypted 32,500 laptops, or about 85 percent of the laptops requiring encryption.

We strongly encourage anyone who receives a letter from our identity protection contractor to take advantage of the services NASA is offering through ID Experts. These services are free and are retroactive to the date of the incident. As of today, there is no evidence that the information on the laptop has been used for fraudulent purposes. However, if you have registered with ID Experts and experience any suspicious activity, be sure to report it to ID Experts so they can help resolve it.

If you want to know whether you have been identified as an affected individual, or if you received a letter and want to know specifically what PII of yours has been found, you can email HQ-Privacy@mail.nasa.gov and will receive a response from the HQ Privacy Breach Response Team. If you have any questions or concerns that haven't been addressed, please feel free to contact the NASA Headquarters lead for the incident, Ms. Kelly Carter, at kelly.carter@nasa.gov or 202-358-1062.

Additional FAQs about the PII Breach can be found on the NSSC website: https://answers.nssc.nasa.gov/app/answers/detail/a_id/6270

This notice is being sent agency-wide to all employees by NASA INC in the Office of Communications at NASA Headquarters.

Please follow SpaceRef on Twitter and Like us on Facebook.