European Space Agency hack sees official store hijacked to steal customer details
Posted by:
John Harrison
Security researchers have discovered a malicious script on the European Space Agency’s (ESA) web shop, posing a threat to customers’ payment data. The script creates a fake Stripe page during checkout, collecting sensitive information such as credit card details. The ESA website was temporarily taken offline after the attack was reported, with the shop displaying an “Error 503: Service Unavailable” message. ESA clarified that the store is not hosted on its infrastructure, distancing itself from data management. Although no group has claimed responsibility for the incident, the infamous threat actor Magecart is known for similar attacks. Victims of credit card skimming can seek refunds from their banks, but cybercriminals often use the stolen funds for nefarious activities before the cards are blocked. This serves as a reminder to remain vigilant against online threats and ensure the safety of personal data.
Recent Posts1
