Data Breaches

European Commission Reports Cyber Intrusion and Data Theft

The ShinyHunters hacker group claimed to have stolen over 350GB of information from European Commission cloud systems.

European Union cybersecurity

The European Commission, the EU’s executive branch, has confirmed being targeted in a cyberattack that impacted its cloud infrastructure, as hackers claimed to have stolen hundreds of gigabytes of data.

In a statement issued on Friday, the European Commission (EC) said the attack affected cloud infrastructure hosting its web presence on the Europa.eu platform, but noted that its public websites were not disrupted. 

“Early findings of our ongoing investigation suggest that data have been taken from those websites. The Commission is duly notifying the Union entities who might have been affected by the incident. The Commission’s services are still investigating the full impact of the incident,” the Commission stated.

It added, “The Commission’s internal systems were not affected by the cyber-attack.”

European Commission hacked

A message posted over the weekend on the website of the ShinyHunters cyber extortion group claimed more than 350GB of data were stolen, “including data dumps of mail servers, databases, confidential documents, contracts, and much more sensitive material”.

Bleeping Computer learned from the hackers that they targeted the EC’s AWS accounts.

AWS stated that it “did not experience a security event”, noting that its services “operated as designed”.

Advertisement. Scroll to continue reading.

This statement indicates that the attackers leveraged a compromised account or a security misconfiguration to gain access to the Commission’s systems, rather than by exploiting a vulnerability in AWS products or services.

This is the second data breach confirmed by the EC this year. In February, CERT-EU reported discovering evidence of an intrusion into the Commission’s IT infrastructure, with hackers potentially accessing personal information belonging to some staff members.

Related: Poland Faced a Surge in Cyberattacks in 2025, Including a Major Assault on the Energy Sector

Related: EU Sanctions Chinese, Iranian Firms Supporting Hacking Operations

Related: EU Plans Phase Out of High Risk Telecom Suppliers, in Proposals Seen as Targeting China

Related: Traveler Information Stolen in Eurail Data Breach

Related Content

Cybercrime

In April, ShinyHunters accessed the company’s corporate IT systems and stole patients’ personal and medical information.

Data Breaches

Hackers accessed the insurance giant’s policyholder portal multiple times between June 15 and June 25.

Data Breaches

Only a handful of the 100 organizations targeted in the PeopleSoft campaign have been confirmed.

Data Breaches

The ShinyHunters extortion group claims to have stolen 3.1 TB of data from the organization.

Data Breaches

Roughly two dozen companies have notified their customers of the Klue-Salesforce incident impact.

Data Breaches

Over a dozen Klue customers have confirmed that hackers stole data from their Salesforce instances.

Data Breaches

Hackers stole customers’ names, addresses, email addresses, phone numbers, and account information.

Data Breaches

Threat actors gained access to personal and protected health information that Xsolis received from its clients.

Copyright © 2026 SecurityWeek ®, a Wired Business Media Publication. All Rights Reserved.

Exit mobile version