European Space Agency has confirmed a cybersecurity breach involving its science-related servers, after a hacker group claimed to have stolen nearly 200 GB of internal data, including confidential documents and source code. The incident highlights growing digital security challenges facing global space organizations.
Earlier this week, ESA acknowledged the breach following online reports. The agency stated that the attack affected only a limited number of externally hosted servers used for unclassified scientific collaboration. According to ESA, its core internal systems remain secure, and the overall operational impact appears minimal.
Despite this assurance, a threat actor is reportedly attempting to sell the stolen data on the BreachForums cybercrime platform. Screenshots shared on X by French cybersecurity researcher Seb Latom suggest the leaked material includes source code, access tokens, hardcoded credentials, Terraform configuration files, and sensitive internal documents. Such exposure raises concerns about the long-term security of space research infrastructure and the potential misuse of publicly funded technological resources.
Some of the compromised files may be linked to Ariel, ESA’s upcoming space telescope scheduled for launch in 2029. If confirmed, the breach could pose risks to future scientific missions by enabling malicious reuse of proprietary code and weakening trust in collaborative research ecosystems.
A Pattern of Cybersecurity Incidents
This event is not an isolated case. In December 2024, attackers set up a fraudulent payment page on ESA’s online store to harvest customer data. Earlier incidents date back to 2015, when hackers breached several ESA websites and accessed staff and subscriber information. While all known attacks targeted platforms hosted outside ESA’s internal network, the recurring nature of these incidents suggests a need for stronger, more sustainable cybersecurity practices.
ESA is not alone in facing such challenges. NASA has also experienced major cyber incidents, including a 2018 breach that exposed sensitive personal information of agency employees.
In response to the latest breach, ESA has launched a forensic security investigation, secured potentially affected systems, and notified all relevant stakeholders. The agency emphasized its commitment to transparency and stated that it will release additional updates as the investigation progresses.
As space agencies increasingly rely on digital collaboration and cloud-based infrastructure, strengthening cybersecurity is essential—not only to protect data, but also to ensure sustainable, responsible use of public resources and to safeguard the future of space exploration.
