ESA Confirms Hack of External Servers
▼ Summary
– The European Space Agency (ESA) confirmed a cybersecurity breach affecting servers located outside its main corporate network.
– The compromised servers contained unclassified information related to collaborative engineering activities within the scientific community.
– A threat actor claimed responsibility, stating they accessed systems for a week and stole over 200GB of data, including source code and credentials.
– ESA has initiated a forensic analysis, secured potentially affected devices, and notified all relevant stakeholders about the incident.
– This follows a previous security incident from a year ago when the agency’s official web shop was hacked to steal customer payment data.
The European Space Agency (ESA) has confirmed a cybersecurity incident involving external servers that supported unclassified collaborative engineering work. In an official statement, the intergovernmental organization clarified that the compromised infrastructure was located outside its primary corporate network. A forensic security analysis is currently underway, and measures have been taken to secure any potentially affected devices. The agency, which coordinates space activities for 23 member states and operates with a multi-billion euro budget, emphasized that the impacted servers were used for scientific community projects and that only a very limited number of systems were involved.
The confirmation follows public claims made by a threat actor on a popular hacking forum. This individual asserted responsibility for breaching ESA systems and posted screenshots as purported evidence of access to the agency’s JIRA and Bitbucket servers over a week-long period. According to these unverified claims, the attacker exfiltrated more than 200 gigabytes of data, including source code, private Bitbucket repositories, and various sensitive materials like API tokens, confidential documents, and hardcoded credentials.
ESA has notified all relevant stakeholders about the situation and committed to providing further updates as the investigation progresses. The agency’s statement aimed to downplay the severity, noting the data was unclassified and related to collaborative engineering. However, the alleged scale of the data theft, if proven true, could pose significant risks. Such information could be exploited for further attacks or provide insights into internal systems and development projects.
This incident marks another cybersecurity challenge for the space agency. Just last year, around the Christmas holiday, ESA’s official web shop was compromised. In that attack, malicious code was injected to steal customer payment card information and personal data during the checkout process. These repeated breaches highlight the persistent threats faced by high-profile scientific and governmental organizations, which are often targeted for their valuable data and intellectual property. The agency has not yet commented on the specific claims regarding the volume or nature of the allegedly stolen data from this latest event.
(Source: Bleeping Computer)
