The European Space Agency suffers an incident on external servers

The European Space Agency (ESA) confirmed at the end of December 2025 that it had suffered a cybersecurity incident. The ESA issued an official statement acknowledging the incident, which allowed the facts to be contextualized and clarified that it was not a direct attack on its central systems. From that moment on, the event became the subject of monitoring by technological and generalist media due to the strategic relevance of the affected organization.

The incident compromised several external servers used by ESA for technical collaboration and engineering activities, which were not part of its main corporate network. According to information provided by the agency, the affected systems hosted unclassified data and were linked to project development and management tools. A malicious actor claimed to have obtained information such as source code and credentials, although ESA stressed that these claims were being verified. Those most affected were technical teams and collaborators who used these external platforms.

As an immediate response, ESA isolated the compromised servers, initiated a forensic security analysis, reinforced protective measures, and notified potentially impacted parties. At this time, the investigation is ongoing with the goal of determining the actual scope of the unauthorized access and assessing potential information leaks.