The European Space Agency has fallen victim to a cyberattack in which data was stolen.
The European Space Agency (ESA) has once again become the target of a cyberattack. As with previous cases, the organization is initially minimizing the impact, but cybercriminals claim to have made off with a large amount of sensitive data.
Limited impact
ESA confirmed on Tuesday via a message on its X-account that it is aware of the breach. According to the company, only a few servers used for unclassified engineering and scientific collaboration were affected.
“We have launched a forensic investigation and immediately taken measures to secure potentially affected systems,” ESA said. “All relevant parties have been informed and we will communicate further details as they become available.”
Data leak of more than 200 GB
Last week, however, a dataset of more than 200 gigabytes of ESA-related data was offered for sale on hacker forums, writes The Register. According to the screenshots, the attackers gained access to external servers linked to ESA on December 18, and remained active there unnoticed for about a week.
The hackers are said to have made off with source code, CI/CD pipelines, API and access tokens, confidential documents, configuration files, Terraform and SQL files, hard-coded credentials, and a dump of all private Bitbucket repositories.
Forensic investigation underway
For the time being, it remains unclear how great the damage from the current incident is and whether the attackers’ claims are correct. The ongoing forensic investigation should reveal whether sensitive data has actually been stolen and what risks this poses for ESA and its partners.