ESA Cyberattack Leaks 700GB; What This Means for Airbus and SpaceX Security

ByUjjwal Sukhwani•January 19, 2026 at 01:31 AM•2 min read

TECHNOLOGY ESA Cyberattack Leaks 700GB; What This Means for Airbus and SpaceX Security

European Space Agency (ESA) suffered a major cyberattack, leaking up to 700GB of data connected to partners like Airbus and SpaceX, raising aerospace industry cybersecurity concerns.

Key Points

1Up to 700 gigabytes of classified data were leaked from ESA following two separate hacker claims.
2The data leak directly impacts major aerospace partners, including Airbus, SpaceX, and Thales Alenia Space.
3Cyberattacks in the broader aviation and aerospace sector are surging, with one report noting a 600% year-on-year increase in recent times.
4The incident underscores the critical need for better supply chain risk management and addressing poor cyber-hygiene practices.

A major cyberattack recently struck the European Space Agency (ESA). Hackers gained access to their systems. They leaked hundreds of gigabytes of classified data. This incident raises serious concerns for the entire space domain.

Details of the Data Leak

The initial breach reportedly occurred on Boxing Day. A hacker known as “888” released over 200 gigabytes of data. Soon after, a group called Scattered Lapsus$ Hunters claimed responsibility. They claimed to have released a total of about 500 gigabytes more. The combined data leak is estimated at up to 700 gigabytes.

Stolen files include scientific data and proprietary software. Credentials and internal mission documents were also compromised. The leaked data has direct connections to ESA's key contractors. These include major aerospace entities like Airbus, SpaceX, and Thales Alenia Space.

ESA has since opened a criminal investigation into the incident. The agency stated there is “currently no direct operational threat.” However, security experts warn that multiple data leaks may reveal strategic information.

Broader Cybersecurity Risk for Aerospace

This European Space Agency cyberattack highlights a growing problem. Cyberattacks on space organizations are rising in number. Both ESA and NASA have been frequent targets in recent years.

The aerospace industry cybersecurity risk is high. The aviation sector saw a reported 131% rise in cyberattacks between 2022 and 2023. Another report noted a 600% year-on-year increase in attacks from 2024 to 2025. This trend affects airframers, airlines, and their suppliers.

The Supply Chain Vulnerability

Experts believe weaknesses may exist within ESA’s own systems. They also point to contracted third-party companies. The interconnected nature of the space and aviation sector is a major factor. A single weak link can create widespread vulnerability.

This supply chain risk management is a top concern. Aviation-specific software vendors often score lowest on security ratings. This poses substantial third-party risks for their airline customers.

The breach allegedly exploited a known, unpatched security bug.
Attacks often target poor cyber-hygiene practices.
Infostealer malware can silently steal proprietary software credentials.

Regulatory bodies are now increasing security requirements. The U.S. TSA introduced new mandates in 2023. The E.U.’s Implementing Regulation 2023/203 will take effect in 2026. These rules set a new standard for information security risk management. The goal is to protect critical infrastructure from rising aviation sector cyberattacks.

flying.flights is your source for accurate commercial aviation news and global aviation updates.