ESAE A.I CyberSecurity Scoring
ESAE
Company Information
Website:http://www.esa.int
Employees number:6,584
Number of followers:898,528
NAICS:9271
Industry Type:Space Research and Technology
Homepage:esa.int
ESAE Risk Score (AI oriented)
Between 600 and 649
ESAESpace Research and Technology
Updated:
01/04/2026
01/04/2026
641/1000
Poor
Caa
ESAE Global Score (TPRM)
xxxx
ESAESpace Research and Technology
Score locked

ESAEPoor
Current Score
641Caa (POOR)
01000
4 incidents
-53.33 avg impact
Incident timeline with MITRE ATT&CK tactics, techniques, and mitigations.
JULY 2026
651
JUNE 2026
649
MAY 2026
646
APRIL 2026
644
MARCH 2026
641
FEBRUARY 2026
638
JANUARY 2026
636
DECEMBER 2025
680
Breach
26 Dec 2025 • ESAE
European Space Agency: ESA Says Data Breach Was Limited to Servers with Unclassified Documents
European Space Agency (ESA) Data Breach
632
CRITICAL-48
EUR1767094956
ESA Confirms Limited Data Breach Affecting Science Servers
The European Space Agency (ESA) has acknowledged a data breach affecting a small number of its science servers, following reports of stolen data being offered for sale online. On 26 December, a hacker using the alias “888” claimed to have compromised over 200 gigabytes of ESA data, including proprietary source code, project documentation, API tokens, and hardcoded credentials.
In a statement issued on 29 December, ESA confirmed awareness of the allegations and launched a forensic investigation. By 30 December, the agency reported that the breach appeared to impact only a “very limited number of science servers,” which operate outside its corporate network. These servers support unclassified collaborative engineering projects within the scientific community.
ESA described the incident as having a “limited” impact, noting that affected stakeholders had been notified and short-term remediation measures were implemented. The agency continues its forensic analysis and has indicated further updates will follow as the investigation progresses.
INCIDENT DETAILS -
TYPE
IMPACT
DATA BREACH
REFERENCES
NOVEMBER 2025
678
OCTOBER 2025
676
SEPTEMBER 2025
720
Breach
01 Sep 2025 • ESAE
Deimos Imaging, SpaceX, Teledyne, Airbus Group, Thales Alenia Space, European Space Agency and SkyLabs: Criminal probe sought by European Space Agency over Scattered Lapsus$ Hunters breach
ESA Data Breach by Scattered Lapsus$ Hunters
672
CRITICAL-48
DEISPATELAIRTHAEURSKY1767888882
ESA Faces Criminal Inquiry Over Alleged 500GB Data Breach by Scattered Lapsus$ Hunters
The European Space Agency (ESA) is set to launch a criminal investigation following claims by the hacking group Scattered Lapsus$ Hunters that they exfiltrated 500GB of sensitive data from its servers in September. The breach, reportedly exploiting an unpatched vulnerability, has raised concerns over the exposure of critical space program information.
While ESA has not confirmed the attackers’ assertions, leaked data samples shared by the group include internal files from major contractors such as Airbus Group, SpaceX, Teledyne, Deimos Imaging, Thales Alenia Space, and SkyLabs. The compromised data allegedly contains operational procedures, details on Earth Observation satellite constellations, system capabilities, security protocols, and mission-specific files related to ESA’s space programs.
This incident follows ESA’s recent acknowledgment of a separate breach involving external servers, where over 200GB of purportedly stolen data was leaked on BreachForums. The full scope and impact of the breach remain under scrutiny as authorities prepare to investigate.
INCIDENT DETAILS -
TYPE
IMPACT
DATA BREACH
REFERENCES
AUGUST 2025
783
Breach
18 Aug 2025 • ESAE
Canadian Investment Regulatory Organization: 750,000 Impacted by Data Breach at Canadian Investment Watchdog
CIRO Data Breach Exposes Personal Information of 750,000 Individuals
719
CRITICAL-64
CIR1768585990
CIRO Data Breach Exposes Personal Information of 750,000 Individuals
The Canadian Investment Regulatory Organization (CIRO) disclosed a data breach on August 18, 2025, revealing that hackers accessed the personal information of approximately 750,000 individuals in an August cyberattack. The breach stemmed from a sophisticated phishing incident, which led to temporary system shutdowns, though CIRO confirmed its critical regulatory functions remained unaffected.
According to CIRO, the compromised data includes sensitive details such as annual income, dates of birth, government-issued ID numbers, phone numbers, investment account numbers, social insurance numbers, and account statements information collected during routine regulatory and compliance activities. The organization clarified that passwords, PINs, and security questions were not exposed, as CIRO does not store such data.
While CIRO reported no evidence of data misuse or dark web exposure, it continues to monitor for malicious activity. Impacted individuals clients and former clients of CIRO dealer members are being notified and offered two years of free credit monitoring and identity theft protection services. An FAQ page has also been published to provide further details.
CIRO, a pan-Canadian self-regulatory body overseeing investment and mutual fund dealers, stated that the incident is contained with no active threat remaining in its environment. The breach follows a series of recent cybersecurity incidents affecting financial and healthcare sectors globally.
INCIDENT DETAILS -
TYPE
IMPACT
DATA BREACH
REFERENCES
DECEMBER 2015
789
Breach
01 Dec 2015 • ESAE
European Space Agency - ESA
European Space Agency Data Breach
736
CRITICAL-53
EUR1221261023
The Personal Information of 1000 subscribers and officials has been exposed after the European Space Agency's subdomains were breached by the organization Anonymous.
To get access to the subdomains' backend and extract data from the database, the hackers took advantage of a blind SQL vulnerability.
Data from subscribers, officials' personal information, and the website's database were among the three files into which Anonymous dumped the stolen material.
According to the findings, the compromised material contained details about public servants who might be the subject of espionage plots by criminal organizations or nation-state actors.
INCIDENT DETAILS -
TYPE
IMPACT
DATA BREACH
REFERENCES
Frequently Asked Questions
?
What is the current A.I Rankiteo Cyber Score for ESAE ??
What was ESAE's A.I Rankiteo Cyber Score in June 2026 ??
What was ESAE's A.I Rankiteo Cyber Score in May 2026 ??
What was ESAE's A.I Rankiteo Cyber Score in April 2026 ??
What was ESAE's A.I Rankiteo Cyber Score in March 2026 ??
What was ESAE's A.I Rankiteo Cyber Score in February 2026 ??
What was ESAE's A.I Rankiteo Cyber Score in January 2026 ??
What was ESAE's A.I Rankiteo Cyber Score in December 2025 ??
What was ESAE's A.I Rankiteo Cyber Score in November 2025 ??
What was ESAE's A.I Rankiteo Cyber Score in October 2025 ??
What was ESAE's A.I Rankiteo Cyber Score in September 2025 ??
What was ESAE's A.I Rankiteo Cyber Score in August 2025 ??
What is the average per-incident point impact on ESAE's A.I Rankiteo Cyber Score over the past 12 months ??
Where can I access detailed records of all cyber incidents associated with ESAE ??
Where can I find a summary of the A.I Rankiteo Risk Scoring methodology ??
Where can I view ESAE's profile page on Rankiteo ??
How accurate is the A.I Rankiteo Risk Scoring methodology ?