European Commission hit by "significant" cyber attack

Pedestrian walks outside of the European Commission's building in Brussels, Belgium.
(Image credit: Shutterstock)

The European Commission (EC) and other EU institutions have been hit by a cyber attack.

An EC spokesperson told IT Pro that an “IT security incident” had affected a number of EU institutions, bodies, and agencies’ IT infrastructure.

Forensic analysis is still in its “initial phase” and at this stage, it is too early to provide any “conclusive information”.

“We are working closely with CERT-EU, the Computer Emergency Response Team for all EU institutions, bodies and agencies and the vendor of the affected IT solution,” said the spokesperson.

The Commission has also set up a 24/7 monitoring service and is “actively taking mitigating measures”.

“Thus far, no major information breach was detected,” the spokesperson added. “Let me use this occasion to recall that we take cyber security very seriously and apply strict policies to protect our infrastructures and devices. We investigate every incident.”

Although not confirmed by the EC spokesperson, Bloomberg reports that the "significant" cyber attack hit the EU organisations last week.


Taking a proactive approach to cyber security

A complete guide to penetration testing


The EC did not provide any information on the nature of the incident or the identity of the attackers who carried out the attack.

Last December, hackers accessed documents related to COVID-19 vaccines after a cyber attack hit the European Medicines Agency (EMA). The EMA reported it has suffered an attack and was working with law enforcement to investigate the incident. The UK’s National Cyber Security Centre (NCSC) was working to understand how the incident impacted the UK.

Furthermore, the University of Northampton declared last month that it had been hit by a cyber attack that disrupted its IT and telephone systems and servers. It had notified the ICO and was liaising with the police to investigate the attack further. The NCSC has said there has been an increased number of ransomware attacks on the UK education sector.

Zach Marzouk

Zach Marzouk is a former ITPro, CloudPro, and ChannelPro staff writer, covering topics like security, privacy, worker rights, and startups, primarily in the Asia Pacific and the US regions. Zach joined ITPro in 2017 where he was introduced to the world of B2B technology as a junior staff writer, before he returned to Argentina in 2018, working in communications and as a copywriter. In 2021, he made his way back to ITPro as a staff writer during the pandemic, before joining the world of freelance in 2022.