The European Space Agency (ESA) has confirmed that its systems were breached in a cyberattack after a hacking group claimed to have stolen around 200 gigabytes of sensitive and confidential data.
In an official statement published earlier this week on social media, ESA said initial assessments indicate that only a very limited number of external servers were affected. These servers support non-classified collaborative engineering activities within the scientific community and are not part of the agency’s core internal network.
Despite the agency’s efforts to downplay the impact, an alleged hacker has offered 200 gigabytes of stolen data for sale on the criminal forum BreachForums. Screenshots shared by French cybersecurity expert Sebastien Latom reveal that the leaked material reportedly includes highly sensitive information, such as core source code, internal access tokens, hardcoded system credentials, infrastructure configuration files and confidential engineering documents.
ESA is aware of a recent cybersecurity issue involving servers located outside the ESA corporate network. We have initiated a forensic security analysis—currently in progress—and implemented measures to secure any potentially affected devices.
Our analysis so far indicates that…
— European Space Agency (@esa) December 30, 2025
According to cybersecurity reports, some of the compromised data may be linked to ESA’s future Ariel space telescope mission, which is scheduled for launch in 2029 and is designed to study exoplanets beyond the solar system.
Security specialists have warned that the publication of such data poses serious risks. Beyond threatening the security of sensitive space projects, leaked source code and credentials could be exploited in future cyberattacks, potentially exposing additional systems and partners.
The incident adds to a series of cybersecurity breaches involving the European Space Agency in recent years. These include an attack on ESA’s online store in December 2024 and a larger breach in 2015 that exposed employee and subscriber information.
Although previous incidents targeted systems outside the agency’s protected internal network, experts say the repeated breaches raise concerns about the robustness of current security measures.
ESA said it has launched a full forensic cybersecurity investigation and is taking immediate steps to secure all potentially affected systems. The agency also pledged to provide public updates as more information becomes available.
Follow the latest news on Google News
