Summary: NASA and the European Space Agency (ESA) have confirmed they were recently hacked. The hacking group The Unknowns says most of the 10 companies it attacked have patched their systems.

Two of the 10 organizations listed in a recent hack attack have confirmed the alleged security breaches. Furthermore, the new hacker group The Unknowns behind the attack says many of the systems have now been patched, which was supposedly their goal.

Earlier this week, The Unknowns claimed to have hacked 10 organizations around the world, gaining administrator access for all and leaking data for some. In addition to revealing how to access the computer systems of the organizations in question, The Unknowns also posted screenshots showing they gained accessed to each and every one.

The group even put together 250MB worth of military documents from their hacks and uploaded the collection to MediaFire. Some of the leaked documents were several years old, but there were also a few from earlier in 2012.

The Unknowns listed 10 victim websites for which it publicly posted administrator accounts and passwords:

For the NASA hack, the group also decided to leak one of the research centers databases. They released names, employers, home addresses, and e-mail addresses of 736 victims on Pastebin. ESA is the other organization for which they also leaked more data, also via Pastebin. Both NASA and ESA have now confirmed the attacks.

NASA security officials detected an intrusion into the site on April 20 and took it offline, a NASA spokesperson said in a statement. The agency takes the issue of IT security very seriously and at no point was sensitive or controlled information compromised. NASA has made significant progress to better protect the agencys IT systems and is in the process of mitigating any remaining vulnerabilities that could allow intrusions in the future.

The group used SQL injection The use of SQL injection is an admitted vulnerability, ESA security office manager Stefano Zatti told ZDNet UK. This needs to be addressed at a coding level.

In their original message, the group said the goal of their attacks is to improve the state of online security around the globe. Since my first article, The Unknowns Twitter account, which has gained some 200 followers since it was created this week, has sent out the following tweets:

For all the people out there who want me to support them with their Hacking knowledge, in any way, please stop doing that, I wont answer. Informing you that the link we used to penetrate threw the ESETs Database is no more Vulnerable. This really a great thing to know For all the people out there that are asking us to check if their website is well secured; we will get to you as fast as we can.. Were soon going to email our Victims informing them on how we penetrated threw their Databases, they will get all the info they need. The Unknowns – Message: http://pastebin.com/biNMb7gf @TheHackersNews @FoxNews @5_News @BreakTheSec

See the original post: