JAXA Cyberattack: Hackers Breach Accounts of Top Officials, Exposing Sensitive Space and Defense Data
The Japan Aerospace Exploration Agency (JAXA) has become the target of a series of sophisticated cyberattacks, resulting in the hijacking of accounts belonging to high-ranking officials, including President Hiroshi Yamakawa and four other board members. Japanese news outlet Asahi Shimbun reported that this alarming breach is part of a broader cyber assault on the agency, which has seen four distinct attacks since June 2023.
The most damaging of the attacks occurred in June, during which personal data belonging to around 5,000 JAXA employees and associated company personnel were stolen. As JAXA’s internal investigation revealed, approximately 200 accounts were compromised, with over half of the nine-member board of directors targeted. These compromised accounts provided the threat actors with access to critical strategic information related to space exploration, national security, and external negotiations.
Among the stolen credentials were those of board members involved in key policy-making and budget affairs. The attackers exploited these high-level accounts to infiltrate highly sensitive areas of JAXA’s operations.
Further investigation into the June breach uncovered that the hackers had exploited Microsoft cloud services used by JAXA. An estimated 10,000 files were accessed without authorization, with over 1,000 of those documents provided by external partners. The files in question came from more than 40 companies and organizations, including NASA, the European Space Agency (ESA), Toyota Motor Corp., Mitsubishi Heavy Industries, and Japan’s Defense Agency.
The implications of this breach are far-reaching, especially for JAXA’s partnerships with these organizations. One of the most concerning aspects of the attack is its potential impact on the Artemis lunar exploration program, a collaborative project between NASA and JAXA.
The leaked files are believed to contain critical information about space exploration and defense technology, including files linked to NASA and Mitsubishi Heavy Industries. Projects within JAXA’s Strategic Planning and Management Department, as well as the Human Spaceflight Technology Directorate, were severely affected by the breach.
Despite the severity of the breach, JAXA confirmed in a preliminary report released in July that no major operational disruptions have occurred at the affected entities. However, officials are still assessing the full extent of the data loss and the potential long-term implications of the cyberattack.
