Europe’s cybersecurity agency, CERT-EU, has blamed organised cybercriminal groups for a massive data breach involving the European Union’s executive arm.
According to findings, the attackers infiltrated the cloud infrastructure of the European Commission, gaining access to sensitive data hosted on its Europa.eu platform.
The agency disclosed that about 92 gigabytes of compressed data were stolen from a compromised Amazon Web Services account linked to the Commission, with the breach affecting multiple EU institutions and agencies.
CERT-EU attributed the attack primarily to a hacking group identified as TeamPCP, while another notorious cybercrime gang, ShinyHunters, was responsible for publishing the stolen data online.
However, a report noted that the breach potentially impacted at least 29 EU entities, with dozens of internal clients of the Commission also at risk of having their data compromised.
While investigations revealed that the attackers gained access after obtaining a secret API key tied to the Commission’s cloud system. The breach was traced to an earlier compromise of an open-source security tool, which allowed hackers to infiltrate the system and extract sensitive information.
Further analysis showed that the stolen files included emails and personal data such as names and email addresses, raising concerns over possible exposure of confidential information.
CERT-EU said it is currently working with affected organisations to assess the full impact of the breach and mitigate risks associated with the leaked data.
Similarly, the agency described the involvement of multiple hacking groups in the same incident as unusual, noting that cybercriminal networks are increasingly collaborating to exploit vulnerabilities and amplify the scale of attacks.
However, Cybersecurity experts warned that the incident highlights growing threats linked to supply chain attacks, where hackers compromise widely used software tools to gain access to larger systems.
The cyberattack underscores rising concerns over the security of cloud infrastructure and the increasing sophistication of cybercriminal operations targeting government institutions globally..
We’ve got the edge. Get real-time reports, breaking scoops, and exclusive angles delivered straight to your phone. Don’t settle for stale news. Join LEADERSHIP NEWS on WhatsApp for 24/7 updates →
Join Our WhatsApp Channel
