European Space Agency hit again as cybercriminals claim 200 GB data up for sale(www.theregister.com)
43 pointsby smurda6 hours ago5 comments
  • krick4 hours ago
    Was going to ask what's the data, but

    > Compromised Data: Source Codes, CI/CD Pipelines, API Tokens, Access Tokens, Confidential Documents, Configuration Files, Terraform Files, SQL Files, Hardcoded Credentials and more!

    Yeah, right. No wonder nobody bothered to buy and take a look. More of an insult to ESA, than a "data breach".

  • guessmyname4 hours ago
    > Compromised Data: Source Codes, CI/CD Pipelines, API Tokens, Access Tokens, Confidential Documents, Configuration Files, Terraform Files, SQL Files, Hardcoded Credentials and more!

    And who is going to buy this (useless) data exactly? (half joking)

  • amelius5 hours ago
    Pay them a one-way ticket into space.
  • zb35 hours ago
    Shouldn't this data be public anyway?
    • ahsillyme4 hours ago
      More or less. Unless it's something to do with the employee's privacy or something to that effect. Doesn't mean the criminals are the good guys here, since they're trying to make bank on it instead of releasing it to the public -- if it's something that the public has an interest in.
    • victorbjorklund4 hours ago
      Terraform files? Seems waste of time to have to make it public.
    • wtcactus3 hours ago
      No, not really. The science products eventually become public (after 1st access right by contributing nations). But why would the API keys (for instance) ever be public?
  • egorfine6 hours ago
    > didn't hear back, with an automated response informing us that the Agency's offices are closed for the New Year holiday

    This is so on-brand for EU organizations.

    • eterm5 hours ago
      You say that as if it's a bad thing?
      • egorfine5 hours ago
        In this context (massive data breach) - it is.
        • PunchyHamster3 hours ago
          It's noncritical infrastructure by every definition and data was already stolen, waking up a PR guy to put something on their page is a waste of everyone's time
        • lillecarl4 hours ago
          Ah yes, responding to the media during holidays will make the data crawl back to their servers!
          • blell4 hours ago
            If this were a private business, people would be piling on and calling for the executives to face a firing squad.
            • nubg4 hours ago
              "People" here meaning in particular the types that frequent this very message board.
            • pavel_lishin3 hours ago
              You can find a certain group of people to pile on for anything.
        • monkey_monkey4 hours ago
          What does their comms team have to do with the massive data breach?
          • egorfine3 hours ago
            Answers. These guys can provide answers to the public.
            • barrucadu3 hours ago
              Are these answers so critical they're needed on a holiday?
              • egorfine3 hours ago
                I don't know. There's nobody in the comms team to answer this question.
            • monkey_monkeyan hour ago
              OK, so nothing to do with the massive data breach. But hey, you just really want to make a point about how upset you are that Europeans having decent work/life balance, so there's not point continuing to expose your little agenda.
      • monkey_monkey5 hours ago
        [flagged]
    • 3 hours ago
      undefined