European Space Agency cybersecurity

European Space Agency cybersecurity in freefall after another breach Source: www.bitdefender.com/en-us/blo… The European Space Agency (ESA) has suffered a second major data breach just weeks after a Christmas-period hack it initially described as limited to unclassified external systems. The first attacker, known as “888,” claimed to have exfiltrated roughly 200 GB of data, including source code, credentials, and materials linked to the Ariel space telescope mission planned for 2029. ESA downplayed the impact at the time. More recently, the Scattered Lapsus$ Hunters cybercrime group reportedly exploited an unpatched vulnerability to steal an additional 500 GB of data. This second breach allegedly includes more sensitive information, such as operational procedures, spacecraft and mission details, subsystem documentation, and contractor data involving partners including SpaceX, Airbus and Thales Alenia Space. ESA has confirmed that a criminal investigation is underway, amid criticism that weak cybersecurity practices may have contributed to the repeated compromises.