Jira Visibility Controls allows for Breach of PII at NASA

by Feb 28, 20192019, Breaches, January0 comments

Who: NASA

What was affected: Employee usernames, names, email addresses, and project names.

When it happened: September 2018

How it happened: The reason for the leak was Jira’s visibility controls, which a NASA system admin appears to have mixed up.

Outcome: NASA and US-CERT were notified of the leak on September 3. However, the leaky Jira instance was only fixed on September 25, more than three weeks later.

Malcare WordPress Security