The European Space Agency (ESA) is grappling with a significant security breach after 500 GB of sensitive data was stolen. The breach was executed by a group called Scattered Lapsus$ Hunters, which reportedly gained access to ESA's servers back in September by exploiting a known vulnerability. This stolen data includes operational procedures, spacecraft mission details, and proprietary information from key contractors like SpaceX and Airbus. Alarmingly, the attackers claim that the security vulnerability remains unpatched, allowing ongoing access to ESA’s systems. This incident follows closely on the heels of another breach where over 200 GB of ESA data was listed for sale on BreachForums. The recent theft includes a range of sensitive documents related to various ESA missions, such as Greece's national space program and missions aimed at understanding Earth's radiation. The extortionists allege that ESA has been aware of this breach for at least a week and has even downloaded some of the stolen data. ESA's history of security issues adds to the severity of this situation. The agency has faced multiple breaches over the years, with incidents dating back to 2011. Past breaches include a compromised online store in 2024 and a SQL vulnerability in 2015 that leaked information from thousands of users. Each incident raises concerns about ESA's cybersecurity measures and its ability to protect sensitive information related to critical space missions.