U.S. CISA adds a Microsoft SharePoint Server flaw to its Known Exploited Vulnerabilities catalog|430,000 FortiGate Devices Exposed in FortiBleed Ransomware Link|Adobe fixed multiple maximum-severity flaws in ColdFusion and Campaign Classic|Alleged Scattered Spider Hacker Extradited to U.S. to Face Cybercrime Charges|Oracle E-Business Suite Flaw Under Active Attack, 950 Systems Exposed|Azure CLI Targeted in LSHIY Password Spray Campaign Across 64 Orgs|CISA Warns BlueHammer Flaw Is Now Exploited in Ransomware Attacks|RustDuck: The Botnet That’s Still Small but Engineering Like It Plans to Grow|GuardFall Flaw Hits 10 of 11 Popular Open-Source AI Agents|XSS.is, The Forum That Ran the Ransomware Supply Chain Is Down. The Market Isn’t|U.S. CISA adds SimpleHelp flaw to its Known Exploited Vulnerabilities catalog|Hackers Steal Data of 4.38 Million Aflac Japan Customers|U.S. CISA adds a Microsoft SharePoint Server flaw to its Known Exploited Vulnerabilities catalog|430,000 FortiGate Devices Exposed in FortiBleed Ransomware Link|Adobe fixed multiple maximum-severity flaws in ColdFusion and Campaign Classic|Alleged Scattered Spider Hacker Extradited to U.S. to Face Cybercrime Charges|Oracle E-Business Suite Flaw Under Active Attack, 950 Systems Exposed|Azure CLI Targeted in LSHIY Password Spray Campaign Across 64 Orgs|CISA Warns BlueHammer Flaw Is Now Exploited in Ransomware Attacks|RustDuck: The Botnet That’s Still Small but Engineering Like It Plans to Grow|GuardFall Flaw Hits 10 of 11 Popular Open-Source AI Agents|XSS.is, The Forum That Ran the Ransomware Supply Chain Is Down. The Market Isn’t|U.S. CISA adds SimpleHelp flaw to its Known Exploited Vulnerabilities catalog|Hackers Steal Data of 4.38 Million Aflac Japan Customers|
Advertisement

Ad Placeholder

Full Width × 90

Breaking News

NASA data breach – The agency notifies employees of a security intrusion

U.S. National Aeronautics and Space Administration (NASA) notifies employees of a data breach that exposed social security numbers and other personal information. According to the data breach notification, hackers have breached at least one of the agency’s servers, the security breach impacted both past and present employees.  Website SpaceRef published a data breach notification note sent by the NASA […]

nasa coronavirus

U.S. National Aeronautics and Space Administration (NASA) notifies employees of a data breach that exposed social security numbers and other personal information.

According to the data breach notification, hackers have breached at least one of the agency’s servers, the security breach impacted both past and present employees. 

Website SpaceRef published a data breach notification note sent by the NASA to its employees, the Agency informed them of an ongoing investigation due to an intrusion into its servers on October 23.

“On Oct. 23, 2018, NASA cybersecurity personnel began investigating a possible compromise of NASA servers where personally identifiable information (PII) was stored.” reads the note obtained by 
SpaceRef.

“After initial analysis, NASA determined that information from one of the servers containing Social Security numbers and other PII data of current and former NASA employees may have been compromised.”

Initial analysis confirmed that social security numbers and other personally identifiable information (PII) stored on one server may have been stolen.

The Space Agency confirmed that the breach may impact NASA Civil Service employees on-boarded, separated from the agency, or transferred between centers from July 2006 to October 2018.

nasa

The US agency and its Federal cybersecurity partners are analyzing the internal infrastructure to determine the scope of the potential data exfiltration and identify potentially affected individuals.

An investigation has been launched in an effort to determine “the scope of potential data exfiltration” and identify the individuals who may be impacted. However, NASA says this process “will take time.”

“The ongoing investigation is a top agency priority, with senior leadership actively involved. NASA does not believe that any Agency missions were jeopardized by the cyber incidents,” continues the note.

NASA will provide specific follow-up information to the affected employees and also identity protection services.

“Our entire leadership team takes the protection of personal information very seriously. Information security remains a top priority for NASA. NASA is continuing its efforts to secure all servers, and is reviewing its processes and procedures to ensure that the latest security practices are being followed throughout the agency,” the note concludes.

[adrotate banner=”9″] [adrotate banner=”12″]

Pierluigi Paganini

(SecurityAffairs –hacking, data breach)

[adrotate banner=”5″] [adrotate banner=”13″]