European Commission confirms Europa.eu web platform hacked as ShinyHunters claims responsibility; says: Ongoing investigation suggest...
The European Commission has confirmed that its Europa.eu web platform was hit by a cyberattack , with early findings suggesting data was stolen from the cloud infrastructure hosting the site. The data extortion group ShinyHunters has claimed responsibility for the breach.
The attack, discovered on March 24, targeted the Commission's Amazon Web Services account before being detected and contained. The Commission said its internal systems were not affected, but acknowledged that data had likely been taken from the Europa websites—which host pages for the European Parliament, Council of the EU, and other institutions.
"The Commission is duly notifying the Union entities who might have been affected by the incident," the EU's executive body said in a statement. It added that it would analyse the breach to "further enhance its cybersecurity capabilities."
ShinyHunters claims over 350GB of stolen data, including employee records and internal documents
The threat actor behind the breach told BleepingComputer that they had exfiltrated over 350GB of data before their access was cut off. That haul reportedly includes databases, employee information, mail server dumps, confidential documents, and contracts. ShinyHunters has since posted an entry on its dark web leak site and released a 90GB archive of files it says were taken from the Commission's compromised cloud environment.
Amazon Web Services said the hack resulted from compromised account credentials, not a flaw in its own systems.
Second breach in months raises questions about EU's cloud security posture
This is the second data breach the Commission has disclosed in recent months. In January, another incident potentially exposed limited staff contact details through a compromised mobile device management platform. The back-to-back incidents come at an awkward time—the Commission itself has been pushing new cybersecurity legislation to strengthen member states' defences against state-backed actors and cybercrime groups.
ShinyHunters has been on a tear recently, claiming breaches at CarGurus, Canada Goose, Panera Bread, SoundCloud, and Match Group, among others. Several of those attacks were reportedly linked to a large-scale voice phishing campaign targeting single sign-on accounts at Okta, Microsoft, and Google.
The attack, discovered on March 24, targeted the Commission's Amazon Web Services account before being detected and contained. The Commission said its internal systems were not affected, but acknowledged that data had likely been taken from the Europa websites—which host pages for the European Parliament, Council of the EU, and other institutions.
"The Commission is duly notifying the Union entities who might have been affected by the incident," the EU's executive body said in a statement. It added that it would analyse the breach to "further enhance its cybersecurity capabilities."
ShinyHunters claims over 350GB of stolen data, including employee records and internal documents
The threat actor behind the breach told BleepingComputer that they had exfiltrated over 350GB of data before their access was cut off. That haul reportedly includes databases, employee information, mail server dumps, confidential documents, and contracts. ShinyHunters has since posted an entry on its dark web leak site and released a 90GB archive of files it says were taken from the Commission's compromised cloud environment.
Amazon Web Services said the hack resulted from compromised account credentials, not a flaw in its own systems.
Second breach in months raises questions about EU's cloud security posture
This is the second data breach the Commission has disclosed in recent months. In January, another incident potentially exposed limited staff contact details through a compromised mobile device management platform. The back-to-back incidents come at an awkward time—the Commission itself has been pushing new cybersecurity legislation to strengthen member states' defences against state-backed actors and cybercrime groups.
ShinyHunters has been on a tear recently, claiming breaches at CarGurus, Canada Goose, Panera Bread, SoundCloud, and Match Group, among others. Several of those attacks were reportedly linked to a large-scale voice phishing campaign targeting single sign-on accounts at Okta, Microsoft, and Google.
Next Story