The European Space Agency (ESA) has confirmed a cybersecurity breach involving servers located outside its corporate network, following claims by a threat actor on the BreachForums hacking forum.
The attacker alleged unauthorized access to ESA systems for nearly a week and shared screenshots as proof.
In a statement released Tuesday, ESA said the affected servers supported unclassified collaborative engineering activities used within the scientific community. The agency emphasized that only a very small number of external servers were impacted and that a forensic investigation is currently underway to assess the full scope of the incident.
According to the threat actor, more than 200GB of data was allegedly stolen, including private Bitbucket repositories, source code, CI/CD pipelines, API and access tokens, configuration files, Terraform and SQL files, and hardcoded credentials. ESA has not confirmed these claims but stated that all relevant stakeholders have been notified.
This is not the first security incident faced by ESA. In late 2024, the agency’s official web shop was compromised after attackers injected malicious JavaScript code to steal customer payment and personal data during checkout.
If this article helped you, please consider supporting our work. Every small contribution keeps Abijita.com independent and running.
