European Space Agency hacked, data was leaked online

Online hacktivist Anonymous have hacked the European Space Agency and access the database. They hacked into the database of due.esrin.esa.int, exploration.esa.int, sci.esa.int websites using blind SQL injection vulnerability.

It was also confirmed that this is fresh breach and leaked data was never found online. It confirms that claims to hack ESA are right. Three files containing full names, email ids, office addresses, institution names, phone numbers and fax numbers of hundreds of registered users were leaked. One file also contained email and plain text password of thousands of subscribers.

The leaked data is available here→ Database | Officials’ data |Subscribers’ data.

Hackers talked to the folks are Hackread and confirmed that they performed hack just to entertained them.

“BECAUSE XMAS IS COMING AND WE HAD TO DO SOMETHING FOR FUN SO WE DID IT FOR THE LULZ,” hackers told to Hackread.

This hack again shows how big companies treat security in light way. SQL injection is one of the most talked vulnerabilities. Still, site admin couldn’t fix it in their websites. I am still not able to understand why big companies ignore data security. They should have a proper security team which should keep on checking and fixing vulnerabilities.

Source: HackRead