- ESA has confirmed a cyber attack affecting external servers used for collaborative engineering activities
- Hacker “888” claims to have stolen 200 GB of data, including source code, tokens and configurations.
- The incident follows last year's hack of the ESA online store using a credit card skimmer.
Earlier this week, the European Space Agency (ESA) suffered a cyber attack and apparently lost sensitive data. The agency confirmed the news to X, saying it is currently investigating the incident:
“ESA is aware of the recent cybersecurity issue related to servers “We have initiated a forensic security review, which is currently ongoing, and have taken steps to secure any potentially affected devices,” the tweet said.
The agency stressed that the compromised servers were “outside ESA’s corporate network,” suggesting that they contained data that could not be called highly confidential.
“Our analysis shows that only a very small number of external servers are affected,” the tweet explains. “These servers support unclassified collaborative engineering activities within the scientific community. All relevant stakeholders have been informed and we will provide further updates as soon as additional information becomes available.”
200 GB data
At the same time, Safety Week reports that a cybercriminal going by the alias “888” has posted a new thread on the notorious BreachForums site, claiming responsibility for a hack they say occurred on December 18th.
According to the announcement, ESA lost 200 GB of data, including from private Bitbucket repositories. In his report CyberInsider lists these file types as captured:
- Source code from private Bitbucket repositories.
- CI/CD pipeline configurations
- API and access tokens
- Internal documentation
- SQL database files
- Terraform infrastructure code
- Hardcoded credentials and configuration files.
They also published several screenshots to support their claims, but at the time of publication, no one had analyzed the samples to see if they were genuine or not.
This is not the first time ESA has been attacked by hackers: about a year ago, the agency's website was compromised by a virus. skimmer for credit cards. Then, researchers from Sansec discovered a malicious script in the ESA online store and determined that it created a fake Stripe payment page during checkout, where it collected customer information.
Payment data, including sensitive credit card information, was also collected.
By using Safety Week
The best antivirus for any budget
Follow TechRadar on Google News. And add us as your preferred source to get our expert news, reviews and opinions in your feeds. Be sure to click the “Subscribe” button!
And of course you can also Follow TechRadar on TikTok for news, reviews, unboxing videos and get regular updates from us on whatsapp too much.
