ShortRead: The online hacktivist Anonymous has breached the subdomains of the European Space Agency website and leaked personal and login credentials of thousands of subscribers and officials — The reason for targeting the agency? Well, ”We did it for the Lulz” says Anonymous.

Earlier today, Anonymous conducted a cyber attack on the European Space Agency (ESA) website (due.esrin.esa.int, exploration.esa.int, sci.esa.int) using a blind SQL vulnerability which further provided them access to the site’s database. 

After scanning the data, we found it to be legit and never been leaked online in the recent past. The data has been divided into three files which include site’s database, full names, email ids, office addresses, institution names, phone numbers and fax numbers of hundreds of registered users while 52 names, emails and clear text passwords of users are also among the leaked data. 

Xmas Greeting to the ESA: Anonymous

The third file contains names, emails and clear-text passwords of 8000+ subscribers. The leaked data is available here → Database | Officials’ data | Subscribers’ data.

In an exclusive conversation with Anonymous, HackRead was told that:

Because Xmas is coming and we had to do something for fun so we did it for the Lulz.

The Anonymous hackers behind this attack are the same guys who were behind the data breach of the officials at United Nations Climate Conference (Cop21) and World Trade Organization.

Though the hack was conducted for fun, it exposes the approach of site admins to keep the users’ data secure. Such breaches pose a greater threat for users’ online security and privacy. Cyber criminals can use the data to launch phishing and identity theft scams on a large scale. 

Waqas

Waqas Amir is a Milan-based cybersecurity journalist with a passion for covering latest happenings in cyber security and tech world. In addition to being the founder of this website, Waqas is also into gaming, reading and investigative journalism.