1. Forum
  2. Fidonet
  3. CONSPRCY

  • ESA confirms breach

    From Mike Powell@1:2320/105 to All on Thu Jan 1 09:32:08 2026
    European space agency confirms 'external servers' breached in cyberattack

    Date:
    Wed, 31 Dec 2025 14:00:00 +0000

    Description:
    The ESA is investigating the extent of the breach, while hackers share stolen files on the dark web.

    FULL STORY

    The European Space Agency (ESA) was hit with a cyberattack earlier this week and apparently lost sensitive data in the process. The agency confirmed the news on X, saying it is currently investigating the incident:

    "ESA is aware of a recent cybersecurity issue involving servers located
    outside the ESA corporate network, the tweet reads. We have initiated a forensic security analysiscurrently in progressand implemented measures to secure any potentially affected devices."

    The agency stressed that the compromised servers were outside the ESA
    corporate network, suggesting that they contained data that cannot be labeled as highly sensitive.

    Our analysis so far indicates that only a very small number of external
    servers may have been impacted, the tweet further explains. These servers support unclassified collaborative engineering activities within the
    scientific community. All relevant stakeholders have been informed, and we
    will provide further updates as soon as additional information becomes available.

    200 GB worth of data

    At the same time, Security Week reports that a cybercriminal with the alias
    888 posted a new thread on the infamous BreachForums website, taking responsibility for the breach which, they say, happened on December 18.

    As per the announcement, ESA lost 200 GB worth of data, including some from private Bitbucket repositories. In its report, CyberInsider lists these types of files as being nabbed:

    Source code from private Bitbucket repositories
    CI/CD pipeline configurations
    API and access tokens
    Internal documentation
    SQL database files
    Terraform infrastructure code
    Hardcoded credentials and configuration files

    They also posted a few screenshots to prove their claims, but at press time,
    no one analyzed the samples to see if they are authentic or not.

    This is not the first time ESA was struck by hackers, since roughly a year
    ago, the agencys website was compromised with a credit card skimmer . Back then, researchers from Sansec spotted a malicious script on ESAs web shop,
    and determined it created a fake Stripe payment page at checkout, where it collected customer information.

    Payment data, including sensitive credit card information, was also being gathered.

    Via Security Week

    ======================================================================
    Link to news story: https://www.techradar.com/pro/security/european-space-agency-confirms-external -servers-breached-in-cyberattack

    $$
    --- SBBSecho 3.28-Linux
    * Origin: Capitol City Online (1:2320/105)

Novedades:

Servidor de Quake 3 Arena Online! - Conectate a ferchobbs.ddns.net, puerto 27960 y vence con tu equipo!