The European Commission has confirmed that it's been hit by a cyber attack on its Europa.eu web platform.
The Europa.eu platform hosts the websites of the Commission itself, along with the European Parliament, European Council, and other EU institutions. The attack, which has been claimed by the ShinyHunters extortion gang, targeted the website's host cloud infrastructure and was detected on 24 March.
"Immediate steps were taken to contain the attack," it said in a statement. "The Commission's swift response ensured the incident was contained and risk mitigation measures were implemented to protect services and data, without disrupting the availability of the Europa websites."
There are signs that data has been stolen, and the Commission is notifying all of the bodies that may have been affected. Internal systems weren't affected by the attack, it said.
"The Commission will continue to monitor the situation and take all necessary measures to ensure the security of its internal systems and data," it said. "It will analyze the incident and use the results to further enhance its cybersecurity capabilities."
What happened with the Commission attack?
The attack is believed to have affected the Commission's AWS account, impacting multiple databases and reportedly exposing hundreds of gigabytes of data.
According to Dark Web Informer, the extortion group ShinyHunters has claimed responsibility. The group said it had accessed mail servers, databases, confidential documents, contracts, "and much more sensitive material," and released more than 90GB of files on its Tor data leak site.
The data is believed to include emails and attachments, a full SSO user directory, DKIM signing keys, AWS config snapshots, NextCloud/Athena data and internal admin URLs.
ShinyHunters first appeared on the scene in 2020, and has recently been responsible for a series of high profile attacks, frequently targeting SSO credentials and Salesforce data.
Victims include Google, Chanel, Canada Goose, and Panera Bread. It mainly uses social engineering – particularly voice phishing – for its attacks.
Just two weeks ago, Salesforce was forced to issue another customer alert after uncovering an ongoing campaign targeting customers using misconfigured Experience Cloud platforms – a campaign claimed by ShinyHunters.
This latest attack is the second time this year that the European Commission has been hacked. In February, it revealed that a data breach impacting the central infrastructure managing mobile devices might have given attackers access to some staff names and mobile phone numbers.
No mobile devices were compromised, it said, and the incident was contained and systems cleaned within nine hours.
The Commission is promising to do better, saying: "As Europe confronts persistent cyber and hybrid attacks targeting essential services and democratic institutions, the Commission is actively working on enhancing the EU's cybersecurity resilience."
FOLLOW US ON SOCIAL MEDIA
Follow ITPro on Google News and add us as a preferred source to keep tabs on all our latest news, analysis, views, and reviews.
You can also follow ITPro on LinkedIn, X, Facebook, and BlueSky.
‘Belief alone is not enough’ when it comes to AI adoption
HP Series 7 Pro 732xk monitor review
‘Reducing reliance on foreign tech infrastructure is key’ to European tech success – and its survival
Google issues warning over ShinyHunters-branded vishing campaigns
