According to a Computerworld report, citing the information disclosed by a NASA spokesman via an email, personally identifiable information of "at least" 10,000 users, including NASA employees and contractors, was stored on the agency laptop which was stolen on October 31.
The notification of the laptop theft was given to the NASA employees via a Tuesday email message by the agency's associate deputy administrator Richard Keegan, who revealed that the device was stolen from a locked car last month.
Keegan had also cautioned the NASA employees that even though the stolen laptop was password protected, the personal data stored on it could still be accessed by `unauthorized individuals' because the device lacked the advantage of whole disk encryption software.
Meanwhile, about the two-week period which NASA took to disclose the breach to its employees, the agency's spokesman Allard Beutel recently told Computerworld that, ever since the laptop was stolen, NASA - along with law enforcement authorities - has been trying to recover the lost device.
In addition, Beutel also said that the agency also used the interim period, between the theft and its official disclosure to the employees, to ascertain precisely the personal information which was stored on it.
Beutel further added: "NASA IT specialists and security officials began performing an exhaustive automated and manual analysis of the data to make sure everyone with information on the stolen laptop is notified."