THE European Commission confirmed a cyberattack affecting part of its cloud infrastructure hosting the Europa[.]eu websites, detected on 24 March 2026 and now contained with mitigation measures in place. According to the European Commission’s press release, early findings suggest data have been taken from those websites and notified to potentially affected Union entities. The Commission said its internal systems were not affected, and it will continue monitoring the situation while strengthening protections.
BleepingComputer is cited in the article as reporting that the attacker gained access to the Commission’s Amazon Web Services account and claimed to have stolen over 350 GB of data, including databases, though the exact type of stolen data remains unclear; AWS itself said it did not suffer a security incident. The article also notes that on 30 January 2026 the Commission detected another cyberattack on its mobile device management system, which was contained within nine hours and did not compromise devices.