As in past incidents, ESA says the impact was limited to external systems

The European Space Agency has suffered yet another security incident and, in keeping with past practice, says the impact is limited. Meanwhile, miscreants boast that they've made off with a trove of data, including what they claim are confidential documents, credentials, and source code.

While the ESA said it's aware of a security incident, it added in an X post Tuesday that the breach may have impacted only "a very small number of external servers" used to support unclassified engineering and scientific collaboration.

"We have initiated a forensic security analysis—currently in progress—and implemented measures to secure any potentially affected devices," the ESA added. "All relevant stakeholders have been informed, and we will provide further updates as soon as additional information becomes available."

That's in contrast to what one cybercriminal posted in their offer of over 200 GB of ESA data for sale on the still-not-dead ...