European Space Agency Website Hacked

[Jack]

The website of the European Space Agency (ESA) has been hacked into and a list of FTP accounts, as well as email addresses and passwords for administrators and editors have been leaked.

The www.esa.int Web server was compromised by a well known Romanian grey hat hacker who uses the online moniker of TinKode.

The hacker posted details of the compromise on his blog in full disclosure style. However, the method he used was not revealed.

The published data includes FTP accounts for a range of ESA subsites with passwords in clear text.

A list of database users with hashed passwords was also disclosed, together with the SHA1-hashed server root password.

The site administrator and editor credentials were exposed in plain text, as well as email addresses and passwords corresponding to website user accounts.

The passwords are in readable form, but TinKode took the measure of partially hiding them before publishing. There is also a list of associated proxy user names and passwords.


More details - link

 

[McLovin]

That is very bad...passwords for people to read

 

[LoftedAphid86]

I seriously wonder why all of these high key sites don't take further steps to stop this happening to their site.
Even anonymous have been thwarted by high security, yet sites don't seem to follow in the survivor's footsteps.

 

[jamescv7]

Yet password/usernames and other sensitive information are leaked. Seriously they must fixed that.

 

[McLovin]

They need to buck up the way they have their security

 

[Jack]

Seems like the hackers are from my country (Romania) ... I wonder how they managed to get access to the FTP accounts

 

[jamescv7]

Probably they guess some passwords and when they typed it activated or something using a tool for there.