Data Breaches

ShinyHunters Claims Council of Europe Hack

The extortion group threatens to leak 297 GB of data allegedly stolen from the Council of Europe, including employee personal information.

Ionut Arghire

Published

3 days ago

European Union (EU)

The notorious extortion group ShinyHunters claims to have hacked the Council of Europe and to have stolen nearly 300 gigabytes of data.

Europe’s leading human rights organization and an official United Nations observer, the Council of Europe was founded in 1949 and includes 46 member states, including 27 European Union countries.

On Sunday, ShinyHunters added the Council of Europe to its Tor-based leak site, threatening to release more than 297 GB of data allegedly stolen from the organization’s network.

The hacking group says it exfiltrated over 429,000 files across various departments, including HR, Secretariat, Parliamentary Assembly, and the European Directorate for the Quality of Medicines & HealthCare.

The files allegedly include the payroll data of more than 10,000 Council employees from 2011 to 2026, over 14,000 CVs, contract and purchase order records, absence and illness reports, bank account information, performance evaluations, and payroll exports.

Additionally, the hacking group says the stolen data includes employee names, IDs, addresses, phone numbers, dates of birth, tax and social security information, and medical records.

Advertisement. Scroll to continue reading.

ShinyHunters says it will release the stolen data publicly if the Council of Europe does not contact it by June 16 to begin negotiations.

“We are currently investigating the matter and assessing the situation. We have no further comment to make at this stage,” the Council of Europe said, responding to a SecurityWeek inquiry.

Since mid-2025, the extortion group has been linked to multiple high-profile intrusions, mainly targeting Salesforce customers, including Carnival, Canvas, Grafana, CarGurus, Panera Bread, and other incidents.

Last week, Google confirmed that a new ShinyHunters campaign exploited a zero-day vulnerability in Oracle PeopleSoft, likely impacting 100 organizations.

*Updated with statement from the Council of Europe.

In this article:Council of Europe, data breach, EU, ShinyHunters

Data Breaches

Kodak Admits Data Breach After ShinyHunters Hack Claims

Kodak told SecurityWeek it believes there is no threat to its systems or operations as a result of the cybersecurity incident.

Eduard Kovacs4 hours ago

Data Breaches

iRhythm Confirms Data Stolen in Hack

The digital health company said it learned of the breach on June 8 and the attackers demanded a ransom.

Eduard Kovacs2 days ago

Data Breaches

Cybercrime Group Claims Novo Nordisk Hack

The hack-and-leak group FulcrumSec claims to have stolen 1.3TB of data from the pharmaceutical giant.

Ionut Arghire2 days ago

Data Breaches

Ozempic Maker Novo Nordisk Says Hackers Breached IT Systems

The pharmaceutical giant says the attackers gained access to personal data stored on the compromised systems.

Eduard Kovacs3 days ago

Data Breaches

French Government Messaging Platform Breached by Mysterious ‘Misere’ Hacker

French officials say roughly 73,000 government accounts were affected, while the threat actor claims to have stolen messages and user data from the sovereign...

Kevin Townsend3 days ago