European Space Agency hacked and details leaked

Criminals have hacked the European Space Agency (ESA) just to show it could be done, with no plans to actually do anything malicious with the data they released.

In fact, the hackers said the motivation for the attack was "lulz", despite them stealing the details of 8,000 researchers and supporters of the organisation including full names, fax numbers, phone numbers, addresses, email addresses and the name of the organisation or employer they belonged to.

52 of these people were internal ESA users.

The details were leaked in three separate posts online and apparently originated from ESA subdomains including sci.eas.int, exploration.esa.int, and due.esrin.ease.int.

The criminals used a blind SQL vulnerability to gain access to the ESA's database, which then allowed them to steal the details of the victims.

However, the leak revealed that those involved with the ESA aren't particularly secretive when it comes to inventing passwords, with many of them comprising just three characters, mostly number combinations.

Additionally, analysis of the information showed 39 per cent of the leaked passwords comprised of three digits, while 16 per cent were eight-character codes. The longest password had 24 characters, making it well-secured, yet there were only 22 records with 20-character passwords attached to them.

Anonymous has claimed it carried out the attacks, with the reasoning given to Hackread as, "BECAUSE XMAS IS COMING AND WE HAD TO DO SOMETHING FOR FUN SO WE DID IT FOR THE LULZ."

The hack happened just as UK astronaut Tim Peake is ready to head to the International Space Station, potentially meaning Anonymous was trying to get the European Space Agency in the news for a reason other than the mission.

"Views in the Main Control Room (12052189474)" by European Space Agency - ESOC flickr, Credit: ESA - Jrgen Mai. Licensed under CC BY-SA 3.0-igo via Commons

Clare Hopping
Freelance writer

Clare is the founder of Blue Cactus Digital, a digital marketing company that helps ethical and sustainability-focused businesses grow their customer base.

Prior to becoming a marketer, Clare was a journalist, working at a range of mobile device-focused outlets including Know Your Mobile before moving into freelance life.

As a freelance writer, she drew on her expertise in mobility to write features and guides for ITPro, as well as regularly writing news stories on a wide range of topics.