The National Aeronautics and Space Administration (NASA) is warning employees that their personal details might have been compromised after a laptop was stolen from a staffer’s locked car.
The stolen device contains records of personally identifiable information for numerous employees, contractors and “others.”
The laptop is password protected, but because there’s no disk encryption system set in place, the chances for the information stored on it to be misused are fairly high.
“The Administrator is extremely concerned about this incident and has directed that all IT security issues be given the highest priority. NASA is taking immediate steps to prevent future occurrences of PII data loss,” reads the notice sent by Richard J. Keegan Jr., associate deputy administrator, to employees.
This incident has made the agency realize that such breaches can occur at any time because of the lack of proper policies.
As a result, NASA’s administrator and the CIO are restricting employees from removing work laptops containing sensitive information from the facility if they don’t contain encryption software.
The agency hopes to complete the laptop encryption program by December 21, 2012.
The storage of sensitive information on smartphones or other mobile devices is also strictly prohibited.
The organization’s CIO is currently working on identifying other changes in policy and procedures that are needed to prevent such incidents from happening in the future.
All of the affected individuals will benefit from the services of data breach specialist ID Experts. They will receive notification letters containing instructions on how to protect their identities and financial assets.
However, they’re warned to beware of phony emails, calls and other communications that purport to come from NASA. The agency will not contact staffers and ask them to confirm personal information.