Jump to content
Login new information ×
Giveaway Contest ×
Login new information
Giveaway Contest
  • Security & Privacy News

    European Space Agency confirms breach of "external servers"

    Karlston

    By Karlston,
    Published Date:

    • 400 views
    • 3 minutes
     Share
    • 400 views
    • 3 minutes

    The European Space Agency (ESA) confirmed that attackers recently breached servers outside its corporate network, which contained what it described as "unclassified" information on collaborative engineering activities.

     

    Founded 50 years ago and headquartered in Paris, ESA is an intergovernmental organization that coordinates the space activities of 23 member states. ESA has around 3000 staff and had a budget of €7.68 billion ($9 billion) in 2025.

     

    Today, the space agency issued a statement confirming a breach, following claims by a threat actor on the BreachForums hacking forum that they had breached some of ESA's servers.

     

    The threat actor also leaked some screenshots as proof that they've had access to ESA's JIRA and Bitbucket servers for an entire week.

     

    "ESA is aware of a recent cybersecurity issue involving servers located outside the ESA corporate network. We have initiated a forensic security analysis—currently in progress—and implemented measures to secure any potentially affected devices," the space agency said on Tuesday.

     

    "Our analysis so far indicates that only a very small number of external servers may have been impacted. These servers support unclassified collaborative engineering activities within the scientific community."

     

    ESA says it has already notified "all relevant stakeholders" of the security breach and will provide further updates as soon as more information becomes available.

     

    While ESA didn't provide any other details about which servers were breached, the threat actors claim they stole over 200GB of data after breaching the European Space Agency's systems and private Bitbucket repositories.

    ESA breach claims
    Threat actor's ESA breach claims (BleepingComputer)

    They said that the allegedly stolen data includes source code, CI/CD pipelines, API tokens, access tokens, confidential documents, configuration files, Terraform files, SQL files, hardcoded credentials, and more.

     

    "I've been connecting to some of their services for about a week now and have stolen over 200gb of data. Including dumping all their private Bitbucket repositories as well," the threat actors said.

     

    An ESA spokesperson was not immediately available for comment when contacted by BleepingComputer earlier today.

     

    This is not the first time the European Space Agency has had its systems breached in recent years.

     

    One year ago, right before Christmas, the European agency's official web shop was hacked, with malicious JavaScript code inserted to steal customer information and payment card data provided during checkout.

     

    Source

    Hope you enjoyed this news post. Feedback welcome.

    Posted Wednesday 31 December 2025 at 4:25 am AEST (my time).

    News posts... 2023: 5,800+ | 2024: 5,700+ | 2025 (till end of November): 5,412

    RIP Matrix

     Share
    Go to news

    User Feedback

    Recommended Comments

    There are no comments to display.



    Join the conversation

    You can post now and register later. If you have an account, sign in now to post with your account.
    Note: Your post will require moderator approval before it will be visible.

    Guest
    Add a comment...

    ×   Pasted as rich text.   Paste as plain text instead

      Only 75 emoji are allowed.

    ×   Your link has been automatically embedded.   Display as a link instead

    ×   Your previous content has been restored.   Clear editor

    ×   You cannot paste images directly. Upload or insert images from URL.

    ×

  • Recently Browsing   0 members

    • No registered users viewing this page.
×
×
  • Create New...