Lawsuit possible in NASA laptop theft
NASA contractors say breach confirms fears outlined in lawsuit rejected by U.S. Supreme Court last year
Computerworld - A group of current and former contractors at NASA's Jet Propulsion Laboratory (JPL) may file a lawsuit due to the possible exposure of personal information stored on an agency laptop stolen last month from a locked car, their lawyer said Wednesday.
The laptop, stolen on Oct. 31, stored the personal data of some10,000 NASA employees and contractors.
Some members of the group were part of a lawsuit filed against NASA five years ago over what they claimed were overly intrusive background checks the agency was conducting in connection with a mandatory federal smart card credentialing program.
At that time, the group contended that the data being collected by NASA was highly personal. They had expressed concern over NASA's ability to protect their private data.
The case went all the way to the Supreme Court, which last year ruled that NASA was within its rights to conduct such checks as a condition of employment.
All of those involved that suit were contractors working as senior scientists and engineers at JPL in Pasadena, Calif. The facilty is staffed and managed for NASA by the California Institute of Technology.
The Oct. 31 theft of an unencrypted agency laptop from the locked car of a teleworking NASA employee validates the privacy concerns raised in the earlier lawsuit, said Dan Stormer, a lawyer with Hadsell, Stormer, Richardson & Renick, LLC, the firm representing the group.
According to NASA, the stolen laptop contained unencrypted Social Security Numbers, dates of birth, birthplace information and other data. The laptop also stored "sensitive information" gathered as part of background investigations, NASA acknowledged.
"NASA's handling of the data was in direct violation of the Privacy Act," Stormer said. "They violated the right to privacy by releasing confidential information."
The Supreme Court's ruling in favor of NASA last year noted the private data being collected by NASA would be adequately protected under the provisions of the Privacy Act, Stormer said.
"Clearly in light of NASA's cavalier disregard for the privacy right of others," Stormer said, that did not happen.
Stormer said the group is considering whether to file a class-action suit against NASA over the recent breach, alleging negligence and violations of the Privacy Act.
Former NASA scientist Robert Nelson, who worked as a NASA astronomer for 34 years and was a senior member of the Cassini Orbiter team, said his data was compromised in the recent breach.
"The issue is how did this happen?" Nelson said in an interview with Computerworld. "When we sued them five years ago, one of the arguments we made was that we didn't believe NASA was capable enough to protect our data. When we lost our lawsuit they went ahead and completed those investigations." he said.
- US agencies to release cyberthreat info faster to healthcare industry
- UPS now the third company in a week to disclose data breach
- Healthcare organizations still too lax on security
- Why would Chinese hackers want US hospital patient data?
- About 4.5M face risk of ID theft after hospital network hacked
- Supervalu breach shows why move to smartcards is long overdue
- Grocery stores in multiple states hit by data breach
- Update: Payment cards with chips aren't perfect, so encrypt everything, experts say
- U.S. agencies halt background checks by contractor after cyberattack
- Five unanswered questions about massive Russian hacker database
- Troubleshooting Common Issues in VoIP Learn more about Voice over Internet Protocol (VoIP), including common VoIP metrics used, best practices in VoIP management and tips and tricks for...
- 2013 Network Management Software (NMS) Buyers Guide This white paper contains an independent comparison study of six different network management solutions and provides guidance on how you can choose the...
- Rightsizing Your Network Performance Management Solution: 4 Case Studies This white paper discusses challenges encountered as organizations search for the most cost-effective network performance management solution.
- Global Growing Pains: Tapping into B2B Integration Services to Overcome Global Expansion Challenges A recent survey by IDG Research explored both the challenges and pain points companies face when growing globally, as well as the capabilities...
- E-Signature RFP Checklist Webcast If your organization is looking to adopt e-signatures, you may be overwhelmed by the number of providers that offer seemingly similar solutions. How...
- Cloud and Collaboration: Driving Your Business Value Mission Critical Cloud from Peer 1 Hosting is enterprise-grade. All Security White Papers | Webcasts
Our new bimonthly Internet of Things newsletter helps you keep pace with the rapidly evolving technologies, trends and developments related to the IoT. Subscribe now and stay up to date!