European Space Agency confirms data breach.

[Photo: European Space Agency logo seen on an astronaut badge. Credit: dpa/picture alliance via Getty Images]

The European Space Agency has confirmed, in a statement emailed to me, that a number of external science servers were compromised during a security incident. The servers are “used for unclassified collaborative engineering solutions within the scientific community,” according to an ESA spokesperson. Although it is unclear at this stage which data has been compromised, I understand that the attack has not impacted any classified or highly sensitive mission systems. Threat actors have claimed that a total of 200GB of data was taken. Here’s what is known so far.

Space Agency Internal Forensic Analysis Ongoing Following Hack Attack

Space has become, like it or not, a hugely valuable commercial commodity these days. A 2025 Space Foundation report revealed that the global space economy was worth $613 billion in 2024, and “could cross the $1 trillion mark as soon as 2032.” With that kind of money at stake, it should come as no surprise that threat actors have the space sector firmly in their crosshairs. So, when I recently exclusively reported that a critical security vulnerability in the software protecting communications between NASA spacecraft and Earth had remained hidden for 3 years, I noted that it was fortunate that no attacker had exploited it.

But attackers don’t always need such previously undiscovered security vulnerabilities to succeed in their efforts to compromise, spy and steal. Known but unpatched vulnerabilities, social engineering and human error can all lead to data disaster. At this early stage in the investigative process, it is unclear what led to the compromise. An ESA spokesperson told me in an email over the weekend that “a very limited number of science servers located outside the ESA corporate network” were involved; a small footprint outside the corporate network, then, but a compromise nonetheless.

The ESA, which has its headquarters in Paris, France, is an intergovernmental organization with some 3,000 employees and is responsible for coordinating the space activities of 23 member states.

“ESA maintains a robust framework and governance structure to address such incidents effectively,” an ESA spokesperson told me, confirming that the “ESA has immediately initiated an internal forensic security analysis, which is currently ongoing, and has implemented short-term remediation measures to secure any potentially affected devices.”

European Space Agency Security Incident Reveals Inherent Tension In Collaborative Scientific Settings

“BreachForums reported a 200GB data theft, including private Bitbucket repositories, source code, and API tokens,” Damon Small, a member of the board of directors at Xcape, Inc., which specialises in securing mission-critical infrastructure, said, “essentially the engineering project blueprints.” Although it is obviously good news that, according to the ESA statement, core mission systems remain secure and were not impacted by the attack, Small warned that “leaked JIRA and Bitbucket data indicates the attackers had access for potentially a week, possibly mapping Continuous Integration/Continuous Deployment pipelines and uncovering hardcoded credentials.” That leaves the potential, at least, for adversaries to better understand ESA’s infrastructure, identify further weaknesses, and mount follow-on supply chain attacks using any credentials that were committed to source control.
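The risk Small describes, credentials and API tokens sitting in leaked repositories and pipeline configuration, is exactly what a repository secret scan is meant to catch before the code ever leaves the building. The following is an added example, not code from the article, from ESA or from any named vendor: a minimal scanner that walks file contents line by line, matches a few publicly documented token prefixes (AWS `AKIA…` access key IDs, GitHub `ghp_…` personal access tokens, Slack `xox…` tokens, PEM private-key headers) plus a generic `name = value` catch-all filtered by a Shannon-entropy threshold and a placeholder allowlist. The sample files, the token values in them, and the threshold of 3.0 bits per character are constructed for the example.

```python
import math
import re
from collections import Counter
from dataclasses import dataclass

# Token formats with a recognisable public prefix, plus a generic "name = value" catch-all.
# The generic pattern reports its value in group 2; the others report the whole match.
PATTERNS = {
    "aws_access_key_id": re.compile(r"\bAKIA[0-9A-Z]{16}\b"),
    "github_pat": re.compile(r"\bghp_[A-Za-z0-9]{36}\b"),
    "slack_token": re.compile(r"\bxox[baprs]-[0-9A-Za-z-]{10,}\b"),
    "private_key_block": re.compile(r"-----BEGIN (?:RSA |EC |OPENSSH )?PRIVATE KEY-----"),
    "generic_assignment": re.compile(
        r"(?i)(api[_-]?key|secret|token|password|passwd)\s*[:=]\s*['\"]?([A-Za-z0-9_\-./+=]{12,})"
    ),
}

# Values that merely reference the environment, or are obvious placeholders, are not live secrets.
PLACEHOLDER = re.compile(r"(?i)environ|getenv|changeme|example|xxx|your_")
MIN_ENTROPY_BITS = 3.0  # assumed threshold: generic matches below this look like words, not keys


@dataclass(frozen=True)
class Finding:
    path: str
    line: int
    kind: str
    value: str


def shannon_entropy(s: str) -> float:
    """Bits per character; random tokens sit well above English-like strings."""
    if not s:
        return 0.0
    n = len(s)
    return -sum(c / n * math.log2(c / n) for c in Counter(s).values())


def scan_text(path: str, text: str) -> list[Finding]:
    """Return every suspected hardcoded credential in one file's contents."""
    findings: list[Finding] = []
    seen: set[tuple[int, str]] = set()
    for lineno, line in enumerate(text.splitlines(), start=1):
        for kind, pattern in PATTERNS.items():
            for m in pattern.finditer(line):
                value = m.group(m.lastindex or 0)
                if kind == "generic_assignment" and (
                    PLACEHOLDER.search(value) or shannon_entropy(value) < MIN_ENTROPY_BITS
                ):
                    continue
                if (lineno, value) in seen:  # same token hit by a specific and the generic pattern
                    continue
                seen.add((lineno, value))
                findings.append(Finding(path, lineno, kind, value))
    return findings


def scan_files(files: dict[str, str]) -> list[Finding]:
    """Scan an in-memory {path: contents} map; a real run would read the checked-out tree."""
    out: list[Finding] = []
    for path, text in files.items():
        out.extend(scan_text(path, text))
    return out


# Constructed sample repository: a pipeline file with a token pasted into a script step,
# and a settings module mixing a real-looking key, an env-var reference and a placeholder.
# The AWS value is the documented example key from AWS's own docs, not a live credential.
SAMPLE_FILES = {
    "bitbucket-pipelines.yml": (
        "pipelines:\n"
        "  default:\n"
        "    - step:\n"
        "        script:\n"
        "          - export DEPLOY_TOKEN=ghp_ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghij\n"
        "          - ./deploy.sh\n"
    ),
    "settings.py": (
        "import os\n"
        "AWS_ACCESS_KEY_ID = 'AKIAIOSFODNN7EXAMPLE'\n"
        "DB_PASSWORD = os.environ.get('DB_PASSWORD')\n"
        "API_TOKEN = 'changeme_please_replace_me'\n"
    ),
}

if __name__ == "__main__":
    for f in scan_files(SAMPLE_FILES):
        print(f"{f.path}:{f.line}: {f.kind}: {f.value[:8]}...")
```

Running it over the constructed sample reports the GitHub token in the pipeline file and the AWS key in `settings.py`, and stays quiet on the `os.environ` reference and the `changeme` placeholder. In practice this runs as a pre-commit hook or a pipeline step that fails the build on any finding, and every hit is treated as already compromised: rotate the credential, move it into the CI system's secured repository variables, and purge it from history rather than just from HEAD.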

“The incident highlights the inherent tension in collaborative scientific settings, where open data sharing among 23 member states often conflicts with stringent security,” Small told me. “As space agencies increasingly rely on distributed partnerships, vendors, and cloud services, their attack surface grows.”

“Relevant stakeholders have been notified. Further updates will be provided once the analysis is complete,” the European Space Agency’s emailed statement concluded.
