Stolen NASA laptop contained private info on 10,000+ employees

By Stephen C. Webster
Monday, December 17, 2012 15:55 EDT
google plus icon
A data thief. Photo: Shutterstock.com, all rights reserved.
  • Print Friendly and PDF
  • Email this page

A laptop computer stolen from a vehicle of a NASA employee on Halloween contained sensitive, private information on more than 10,000 current and former NASA employees, an internal report revealed Monday.

As a result of the loss, NASA Inspector General Paul K. Martin explained that the nation’s space agency contracted with credit monitoring services to ensure the financial identities of their employees were protected — at a cost of up to $700,000. Talking Points Memo picked up the story shortly after the report’s publication.

The report (PDF) shines a light on NASA’s long-running, often-delayed data encryption efforts, which have been underway since last year but still appear to be lagging behind. A total of 107 NASA laptops have gone missing from 2011-2012, the report adds.

The report also notes that NASA “owns or leases upwards of 60,000 desktop and laptop computers,” but only about 34,000 of them have been brought up to standards on data security. That’s due to what Martin called “a lack of sufficient internal controls,” the decentralized nature of NASA’s IT management and repeated delays by HP Enterprise Services, which NASA hired to implement agency-wide encryption protocols.

All of the agency’s laptop computers are supposed to be fully encrypted by December 21, 2012, but Martin’s report says that’s a goal not likely to be met. Instead, the report recommended that NASA IT officials recommit to enforcing a ban on taking agency laptops offsite unless they’re fully encrypted.

“NASA takes information technology security very seriously and thanks the Inspector General for its recommendations for further strengthening NASA’s systems,” NASA spokesperson Bob Jacobs told Raw Story. “Most recently, NASA has accelerated its commitment to encrypting all agency laptops, encrypting more than 11,000 agency laptops in just the last few weeks. NASA has also implemented new policies and processes that will prevent future losses of personally identifiable information, such as directing that no NASA-issued laptops containing sensitive information can be removed from a NASA facility unless whole disk encryption software is enabled or the sensitive files are individually encrypted.”

Photo: Shutterstock.com, all rights reserved.

Stephen C. Webster
Stephen C. Webster
Stephen C. Webster is the senior editor of Raw Story, and is based out of Austin, Texas. He previously worked as the associate editor of The Lone Star Iconoclast in Crawford, Texas, where he covered state politics and the peace movement’s resurgence at the start of the Iraq war. Webster has also contributed to publications such as True/Slant, Austin Monthly, The Dallas Business Journal, The Dallas Morning News, Fort Worth Weekly, The News Connection and others. Follow him on Twitter at @StephenCWebster.
By commenting, you agree to our terms of service
and to abide by our commenting policy.