European Space Agency's cybersecurity in freefall as yet another breach exposes spacecraft and mission data - Bitdefender

INDUSTRY NEWS DATA BREACH 2 min read European Space Agency's cybersecurity in freefall as yet another breach exposes spacecraft and mission data Graham CLULEY January 22, 2026 It has just been a few weeks since we reported on the Christmas cyber attack suffered by the European Space Agency (ESA), and the situation has already become worse. When ESA revealed that it had been hacked over the Christmas period by a hacker known as "888" it was quick to reassure the public that the impact was "limited" to external servers containing unclassified engineering data. The hacker, however, claimed to have exfiltrated some 200GB of data, including source code, API and access tokens, hardcoded credentials, and SQL files. Some of the stolen documents were said to be related to the Ariel space telescope mission which aims to launch in 2029 in a mission to find out the atmospheric composition of exoplanets. When everything online feels risky, trust what’s proven safe. Try Bitdefender Premium Security free today. Try It Free In light of the latest data breach to impact ESA, the December 2025 incident doesn't look too bad. Because this month the Scattered Lapsus$ Hunters cybercrime group was quick to pick up where "888" had left off, exploited what they claim was an unpatched vulnerability to steal an additional 500GB of data - more than double the initial haul. Furthermore, this latest breach reportedly involves data that might be more concerning - such as operational procedures, spacecraft and mission details, subsystems documentation, and proprietary contractor data from ESA partners including SpaceX, Airbus Group, and Thales Alenia Space. As a consequence of this latest incident, ESA has now confirmed that a criminal investigation is underway. Some have suggested that poor cybersecurity practices at ESA may have helped the hacking group gain unauthorised access to systems. Cybersecurity researcher Clémence Poirier told Space.com that she frequently comes across the email credentials of ESA staff (as well as NASA) up for sale on dark web forums. Unfortunately for ESA, it has suffered from a history of cybersecurity incidents. These have ranged from its official online merchandise store being compromised with payment card-skimming code just days before Christmas 2024, to an Anonymous-linked breach that exposed employee and subscriber passwords and other data in 2015. The high profile of organisations that work in outer space means that they are common targets for both bug hunters and malicious hackers, with vulnerabilities being disclosed "almost every day" to BugCrowd about NASA, for instance. TAGS industry news data breach AUTHOR Graham CLULEY Graham Cluley is an award-winning security blogger, researcher and public speaker. He has been working in the computer security industry since the early 1990s. View all posts RIGHT NOW TOP POSTS INDUSTRY NEWS FAMILY SAFETY Safer Messaging for Kids: How to Set Up a Parent-Managed WhatsApp Account for Your Child March 12, 2026 3 min read THREATS As F1 Returns, So Do the Risks of Free Streaming March 06, 2026 10 min read SCAM ALERT War as a Hook: How Fraudsters Are Using the Israel-Iran Crisis to Target Netizens March 05, 2026 5 min read SCAM The ‘I Accidentally Reported You’ Discord Scam: What You Need to Know February 27, 2026 5 min read FOLLOW US ON SOCIAL MEDIA YOU MIGHT ALSO LIKE INDUSTRY NEWS SCAM Life imprisonment for Cambodian scam compound operators - but will it make a difference? Graham CLULEY April 07, 2026 2 min read INDUSTRY NEWS Fake Claude code leak on GitHub pushes Vidar malware Vlad CONSTANTINESCU April 03, 2026 2 min read INDUSTRY NEWS MOBILE SECURITY Apple Expands ‘DarkSword’ Patch to More iPhones and iPads — Update Today! Filip TRUȚĂ April 03, 2026 4 min read BOOKMARKS You have no bookmarks yet. Tap to read it later.