European Commission Data Breach Confirmed After Hack
▼ Summary
– The European Commission’s Europa.eu web platform was hacked in a cyberattack claimed by the ShinyHunters extortion gang.
– The attackers claim to have stolen over 350 GB of data, including databases and employee information, before being blocked.
– The Commission states its internal systems were not affected and measures were taken to contain the incident and prevent further theft.
– ShinyHunters has added the Commission to its dark web leak site and released over 90GB of allegedly stolen files.
– This incident follows a separate data breach the Commission disclosed in February and occurs amid proposed new EU cybersecurity legislation.
The European Commission has confirmed a significant cybersecurity incident involving its Europa.eu web platform. The breach, attributed to the ShinyHunters extortion gang, compromised at least one of the Commission’s Amazon Web Services (AWS) accounts. While the attack did not disrupt any public-facing Europa websites, officials acknowledged that data was exfiltrated. An internal investigation is ongoing to determine the full scope of the impact, and affected Union entities are being formally notified.
According to a Commission statement, internal systems remained unaffected. Staff acted quickly to contain the incident and prevent additional data theft. The organization emphasized its commitment to analyzing the event thoroughly to enhance its cybersecurity capabilities moving forward. Although the Commission has not released detailed technical information, the threat actors provided evidence to media outlets. They claim to have stolen over 350 GB of data before access was terminated, including databases and sensitive employee information.
The ShinyHunters group has listed the European Commission on its dark web leak site, alleging the theft includes mail server dumps, confidential documents, contracts, and other sensitive material. The gang has published an archive reportedly containing over 90 GB of files taken from the compromised cloud environment. This incident follows a pattern of high-profile attacks by the same group, which has recently claimed breaches at companies including Infinite Campus, CarGurus, Canada Goose, Panera Bread, and the online dating giant Match Group.
Some of these prior breaches were linked to a widespread voice phishing (vishing) campaign targeting single sign-on accounts at major identity providers like Okta, Microsoft, and Google. The campaign impacted over 100 organizations. For the European Commission, this is the second disclosed data breach this year. In February, the institution reported a separate intrusion involving the mobile device management platform used to administer staff devices.
These security lapses come after the Commission proposed new cybersecurity legislation aimed at bolstering member states’ defenses. The proposed rules are designed to counter threats from state-sponsored actors and cybercrime groups targeting critical infrastructure. The recent breach underscores the persistent challenges faced by even the most prominent institutions in securing complex digital ecosystems against determined adversaries.
(Source: BleepingComputer)
