THE European Commission has admitted that hackers may have taken data from the cloud infrastructure hosting its Europa[.]eu platform, with the attack discovered on 24 March and the Commission stating it took immediate steps to investigate and contain the breach, according to Infosecurity Magazine. It notes that the commission’s swift response helped contain the incident and protect services and data without disrupting the Europa websites.
Early findings suggest data has been taken from those websites, and the commission is notifying Union entities likely affected while continuing to assess the full impact, the article adds. Screenshots posted to X claim that the extortion group ShinyHunters has compromised over 350GB of EC data, including mail servers, databases and confidential documents, with some screenshots allegedly showing employees’ PII.
Security researchers cited by the publication claim the hackers accessed emails, DKIM keys, internal admin URLs, and data from NextCloud and the Athena financing mechanism, with a full SSO user directory possibly taken. according to Infosecurity Magazine