The European Space Agency (ESA) has confirmed a significant security breach involving its science servers, with a hacker claiming to have stolen 200 gigabytes of sensitive data. This incident was highlighted on social media earlier this week, prompting ESA's response that only a few external servers may have been compromised, primarily those used for unclassified collaborative engineering within the scientific community.
Among the stolen materials are source codes, access tokens, Terraform files, and confidential documents. Some of this data could pertain to ESA's upcoming space telescope, Ariel, set for launch in 2029. French cybersecurity expert Seb Latom noted that the data being offered for sale on the BreachForums cybercrime site poses risks to ongoing space projects and could potentially be exploited for malicious purposes.
This breach is not the first for ESA, which has faced similar cybersecurity challenges in the past. Previous incidents include a breach in 2015 that targeted several ESA websites and a fake payment page incident in December 2024. In response to the current situation, ESA has commenced a forensic security analysis and implemented measures to safeguard affected devices, assuring that all relevant stakeholders have been notified and updates will follow as more information becomes available.