
"While the ESA said it's aware of a security incident, it added in an X post Tuesday that the breach may have impacted only "a very small number of external servers" used to support unclassified engineering and scientific collaboration. "We have initiated a forensic security analysis - currently in progress - and implemented measures to secure any potentially affected devices," the ESA added. "All relevant stakeholders have been informed, and we will provide further updates as soon as additional information becomes available.""
"According to the alleged attacker, they gained access to ESA-linked external servers on December 18, and were connected "for about a week," during which they claim to have stolen source code files, CI/CD pipelines, API and access tokens, confidential documents, configuration files, Terraform files, SQL files, hardcoded credentials, and a dump of "all their private Bitbucket repositories as well.""
The European Space Agency experienced a security incident that may have impacted a very small number of external servers used for unclassified engineering and scientific collaboration. A forensic security analysis is underway and measures were implemented to secure potentially affected devices. All relevant stakeholders were informed and further updates will be provided when available. An alleged attacker posted an offer of over 200 GB of ESA data for sale on BreachForums, claiming access from December 18 for about a week and listing source code, CI/CD pipelines, tokens, configuration and Terraform files, SQL files, hardcoded credentials, and private Bitbucket repository dumps. Outreach to the agency encountered an automated response noting offices closed for the New Year holiday. Past incidents reportedly also involved external systems rather than core networks.
Read at Theregister