Menu

  • Alerts
  • Incidents
  • News
  • APTs
  • Cyber Decoded
  • Cyber Hygiene
  • Cyber Review
  • Cyber Tips
  • Definitions
  • Malware
  • Threat Actors
  • Tutorials

Useful Tools

  • Password generator
  • Report an incident
  • Report to authorities
No Result
View All Result
CTF Hack Havoc
CyberMaterial
  • Education
    • Cyber Decoded
    • Definitions
  • Information
    • Alerts
    • Incidents
    • News
  • Insights
    • Cyber Hygiene
    • Cyber Review
    • Tips
    • Tutorials
  • Support
    • Contact Us
    • Report an incident
  • About
    • About Us
    • Advertise with us
Get Help
Hall of Hacks
  • Education
    • Cyber Decoded
    • Definitions
  • Information
    • Alerts
    • Incidents
    • News
  • Insights
    • Cyber Hygiene
    • Cyber Review
    • Tips
    • Tutorials
  • Support
    • Contact Us
    • Report an incident
  • About
    • About Us
    • Advertise with us
Get Help
No Result
View All Result
Hall of Hacks
CyberMaterial
No Result
View All Result
Home Incidents

European Space Agency Web Store Hacked

December 26, 2024
Reading Time: 2 mins read
in Incidents
European Space Agency Web Store Hacked

The European Space Agency (ESA) has confirmed a cyberattack on its official online store, which took place on December 24, 2024. The attack involved the injection of a malicious JavaScript code into the checkout process of the ESA merchandise site. This script generated a fake Stripe payment page that appeared legitimate to customers, leading them to unknowingly enter sensitive payment card information. The attack was detected by e-commerce security company Sansec, which identified the unauthorized script and issued a warning regarding the security breach.

The malicious script was designed to collect payment card data at the final stage of the purchase process. The attackers used a domain similar to the legitimate store’s but with a different top-level domain (.pics instead of .com) to exfiltrate the stolen information. The fake Stripe page appeared to be part of the ESA store, which likely led many users to believe their payment information was securely processed. Security experts from Source Defense Research confirmed the findings, further verifying that the fake payment page was served from ESA’s official website.

Following the detection of the breach, ESA’s web store became temporarily unavailable, displaying a message that it was “temporarily out of orbit.” The agency clarified that the store was not hosted on its own infrastructure and that ESA does not manage the data collected by the online store. This indicates that the store is operated by a third-party vendor, potentially complicating the security of sensitive customer information. However, ESA did not provide further details on the vendor or the extent of the attack.

In response to the attack, ESA assured the public that no data was directly managed by the agency and that they would continue to investigate the breach. The compromised store highlights the risks organizations face when relying on third-party systems for handling customer data. Although the malicious script has been removed, the incident underscores the importance of maintaining robust security measures in e-commerce platforms to protect against cyberattacks that can compromise sensitive financial data.

Reference:
  • European Space Agency Web Store Hacked to Steal Payment Card Data from Customers
Tags: Aerospacecyber incidentsCyber Incidents 2024CyberattackDecember 2024E-commerceESAEuropean Space AgencyEuropean UnionJavascript
ADVERTISEMENT

Related Posts

Morrisroe UK Company Hit By Cyber Attack

Boyd Gaming Reports Data Breach After Attack

September 24, 2025
Morrisroe UK Company Hit By Cyber Attack

Morrisroe UK Company Hit By Cyber Attack

September 24, 2025
Morrisroe UK Company Hit By Cyber Attack

GeoServer Flaw Breaches US Agency Network

September 24, 2025
Cyberattack Hits Europe Airport Systems

Cyberattack Hits Europe Airport Systems

September 22, 2025
Cyberattack Hits Europe Airport Systems

Ransomware Gang Hacks Spartanburg County

September 22, 2025
Cyberattack Hits Europe Airport Systems

Steam Game Steals Streamer Donations

September 22, 2025

Latest Alerts

Hackers Target AWS and Steal Credentials

SonicWall SMA100 Update Removes Rootkit

BadIIS Malware Spreads Via SEO Poisoning

SonicWall Warns Reset After Exposure

Infostealer Hits macOS Users Widely

FBI Issues Warning on Spoofed IC3 Website

Subscribe to our newsletter

    Latest Incidents

    Boyd Gaming Reports Data Breach After Attack

    Morrisroe UK Company Hit By Cyber Attack

    GeoServer Flaw Breaches US Agency Network

    Steam Game Steals Streamer Donations

    Ransomware Gang Hacks Spartanburg County

    Cyberattack Hits Europe Airport Systems

    CyberMaterial Logo
    • About Us
    • Contact Us
    • Jobs
    • Legal and Privacy Policy
    • Site Map

    © 2025 | CyberMaterial | All rights reserved

    Welcome Back!

    Login to your account below

    Forgotten Password?

    Retrieve your password

    Please enter your username or email address to reset your password.

    Log In

    Add New Playlist

    No Result
    View All Result
    • Alerts
    • Incidents
    • News
    • Cyber Decoded
    • Cyber Hygiene
    • Cyber Review
    • Definitions
    • Malware
    • Cyber Tips
    • Tutorials
    • Advanced Persistent Threats
    • Threat Actors
    • Report an incident
    • Password Generator
    • About Us
    • Contact Us
    • Advertise with us

    Copyright © 2025 CyberMaterial