Anonymous has had a busy week. First the hacktivists spent Friday mocking ISIS, then they took down the Trump Tower website. And before the weekend was out, the group infiltrated the European Space Agency's database, apparently just to keep their skills on point, reports Inverse. "Because Xmas is coming and we had to do something for fun so we did it for the lulz," is the reason an alleged Anonymous member gave to HackRead for posting the names, email addresses, passwords, and other info for "thousands" of ESA officials and subscribers online. Two things made this attack stand out: first, that the space agency was a puzzling target, and second, that ESA's cybersecurity is pretty shoddy. So shoddy, in fact, that an analysis by CSO found that of the 8,100-plus passwords exposed, almost 40% of them were three-character codes such as "esa"—child's play for hackers.
It took just a blind SQL vulnerability for the intruders to "get access to just about everything," though that doesn't actually give Anonymous major points in Inverse's eyes. After all, after setting the lofty goal of taking down ISIS, "they're back beating up government agencies with lousy IT departments." Although Inverse acknowledges that the hack could prove valuable in the end to ESA for exposing its weaknesses, it doesn't bode well for Anonymous in demonstrating "an organization with anything resembling accountability or priorities. Sharpening one's skills on a space agency is one thing if those skills then become the point of the spear in a battle against evil and another if not. So far, the world has only seen not." (A rogue hacking group may be more useful than Anonymous for going after ISIS.)