🚨EU Hack! Data Breach & Massive Leak 💥


Summary

Following a reported hack, the European Commission confirmed a breach of the Europa.eu website. Initial investigations revealed unauthorized access to at least one Amazon Web Services account. The Commission stated that the incident did not disrupt any Europa websites and that containment measures were swiftly implemented. Early findings indicated data theft from associated websites. A threat actor claimed responsibility, alleging the exfiltration of over 350 gigabytes of data, including employee information and confidential documents. The actor published a substantial archive of stolen files, further fueling concerns about the compromised cloud environment. The Commission is currently notifying potentially affected parties.

INSIGHTS


EUROPA.EU BREACH: INITIAL FINDINGS AND RESPONSE
The European Commission has confirmed a data breach affecting at least one of its Amazon Web Services (AWS) accounts, as initially reported by BleepingComputer. This incident, which occurred on Friday, has prompted a swift and comprehensive response from the Commission’s cybersecurity teams. Initial investigations indicate that data has been extracted from the compromised websites, and the Commission is actively notifying affected Union entities. The Commission emphasizes that its internal systems remained untouched by the cyber-attack and that immediate measures were implemented to contain the breach and prevent further data theft. Ongoing analysis will focus on bolstering cybersecurity protocols and enhancing overall system security.

DATA EXFILTRATION DETAILS AND ATTRIBUTION
The attackers, identified as the data extortion group ShinyHunters, reportedly stole over 350 GB of data before their access was terminated. They provided evidence, including screenshots, demonstrating their access to data belonging to European Commission employees. ShinyHunters has subsequently added the European Commission to its dark web leak site, boasting the theft of “data dumps of mail servers, databases, confidential documents, contracts, and much more sensitive material.” This archive contains over 90 GB of files, allegedly originating from the Commission’s compromised cloud environment. Notably, ShinyHunters has a history of targeting high-profile organizations, including Infinite Campus, CarGurus, Canada Goose, Panera Bread, Betterment, SoundCloud, PornHub, and the online dating giant Match Group (which encompasses Tinder, Hinge, Meetic, Match.com, and OkCupid). This pattern suggests a sophisticated and potentially well-resourced threat actor.

RECENT BREACHES AND BROADER SECURITY CONTEXT
Beyond the Europa.eu incident, the European Commission has faced a series of other security breaches in recent months. In February, a vulnerability was discovered within the mobile device management platform utilized to oversee staff devices, leading to a successful hack. Furthermore, ShinyHunters’ activities extend beyond the European Commission, encompassing large-scale vishing campaigns targeting single sign-on (SSO) accounts at Okta, Microsoft, and Google across over 100 high-profile organizations. These coordinated attacks highlight the evolving tactics employed by cybercriminals. The timing of this breach coincides with the Commission’s proposal for new cybersecurity legislation, designed to strengthen member states’ defenses against state-backed actors and cybercrime groups targeting critical infrastructure. This suggests a strategic response to a growing and increasingly complex threat landscape.

This article is AI-synthesized from public sources and may not reflect original reporting.