It is reported that yesterday theEuropean Space Agency (ESA) websitewas compromised by a hacker, opening up sensitive project logs and exposing hundreds of email addresses and passwords associated with some of Europe’s top science institutes.

The hacker, known by the alias TinKode, posted a full disclosure of the attackon his website, highlighting FTP accounts, database users, hashed passwords as well as SHA1-hashed server root password. Perhaps a little more worrying for the ESA was that fact the attacker was also able to access some of the agency’s space projects including satellite activities, calibration sources and environmental details.

Despite showcasing the data stolen in the attack, the hacker did not disclose how the ESA website was compromised.

Administrator and editor credentials were discovered to be in plain text, as were user email addresses and passwords, which look to consist of serveral CERN science institute employees, staff at defence corporation BAE Systems and many other contractors and companies linked to the agency.

In an edit to the blog post, TinKode notes that an email had been sent to the European Space Agency, notifying them of the breach. At the time of writing, the website remains live, suggesting ESA employees have identified and patched issues allowing unauthorised access.

Story byMatt Brian

Matt is the former News Editor for The Next Web. You can follow him on Twitter, subscribe to his updates on Facebook and catch up with him(show all)Matt is the former News Editor for The Next Web. You can follow him onTwitter, subscribe to his updates onFacebookand catch up with him onGoogle+.

Get the TNW newsletter

Get the most important tech news in your inbox each week.