NASA internal app leaked employee emails, and project names for three weeks, possibly more details such as employee usernames, names, email addresses, and project names were involved.
While the exposed data does not include highly detailed personally identifiable information (PII), an attacker could have used the leaked data to refine the targeting of spear-phishing emails, to target go after employees working on sensitive projects by spoofing the emails of known colleagues.
A NASA spokesperson was not available for comment, however, the two security incidents don't appear to be related.
Source: https://www.zdnet.com/article/nasa-internal-app-leaked-employee-emails-project-names/
"id": "NAS02916223",
"linkid": "nasa",
"type": "Data Leak",
"date": "01/2019",
"severity": "60",
"impact": "3",
"explanation": "Attack with significant impact with internal employee data leaks"