European Space Agency Hit by Multiple Cyber Breaches Exposing Mission Data

The European Space Agency's cyber defenses were repeatedly bypassed in 2024, exposing gigabytes of mission-critical data across multiple platforms. ESA confirmed a December 2023 breach in which 200+ gigabytes of software, credentials, and mission documents were posted publicly online.

A second incident in early January 2024 exposed 500 gigabytes of operational procedures and partner data, according to The Register.

ESA described the initial breach as "limited" in impact but later acknowledged unpatched vulnerabilities.

Cybersecurity researcher Clémence Poirier noted that ESA and NASA staff credentials frequently appear for sale on dark web forums, citing Bugcrowd's reports of daily vulnerability disclosures for NASA.

The second breach was attributed to the Scattered Lapsus$ Hunters group, though no direct evidence links the two incidents.

Infostealer malware, which harvests browser-stored credentials, was identified as a potential attack vector. The January 2024 data dump included proprietary information from SpaceX, Airbus, and Thales Alenia Space. ESA has stated it is "fully cooperating with the authorities" to address the breaches.

"It may be due to a lack of cyber hygiene from ESA staff," one source suggested, while Poirier emphasized that data leaks against space agencies are "common."

These breaches highlight systemic vulnerabilities in institutional cybersecurity practices. ESA's initial assessment of limited impact contrasts with the scale of exposed data, raising questions about the agency's long-term risk management strategies.

The scientific community awaits further clarification on the operational implications for ongoing missions.