EU Faces Cyber Attack and Data Breach

Post Views: 8

European Commission Faces Significant Data Breach, Hundreds of Gigabytes Stolen

The European Commission, the executive branch of the European Union, recently disclosed a significant data breach that compromised its cloud infrastructure and resulted in the theft of hundreds of gigabytes of data.

Preliminary Investigations Suggest Data Were Extracted from Websites

According to an official statement released by the commission, the breach affected cloud infrastructure hosting its web presence on the Europa.eu platform, although its public websites remained operational. Preliminary investigations suggest that data were extracted from these websites, prompting the commission to notify relevant stakeholders, including union entities that may have been impacted by the incident.

Commission’s Internal Systems Were Not Compromised During Attack

Notably, the commission’s internal systems were not compromised during the attack. Hackers associated with the ShinyHunters cyber extortion group claimed responsibility for the breach, stating that over 350 GB of data were stolen, including sensitive materials such as email server dumps, database records, and confidential documents.

According to the commission, “an investigation revealed that the attackers exploited a compromised account or a security misconfiguration to gain unauthorized access to the commission’s systems, rather than exploiting a vulnerability in Amazon Web Services (AWS)”.

This is the second major data breach confirmed by the commission this year, following an earlier incident in February where hackers gained potential access to staff members’ personal information. The European Commission is currently investigating the full extent of the recent breach and its potential consequences.