The European Commission is investigating a breach after a threat actor gained access to at least one of its Amazon Web Services accounts and claims to have stolen over 350 GB of data, including employee information and an email server. AWS says its services operated as designed, the Commissionβs incident response team detected the intrusion quickly, and the actor says they will not extort the Commission but intend to leak the data later; the incident follows other EPMM-related attacks and coincides with EU efforts to strengthen defenses and sanction hostile cyber actors. #EuropeanCommission #AWS
Keypoints
- A threat actor accessed at least one European Commission AWS account and claims to have exfiltrated over 350 GB of data.
- The Commission has not publicly disclosed the incident but its cybersecurity incident response team is investigating after detecting the attack quickly.
- AWS stated that it did not experience a security event and that its services operated as designed.
- The attacker provided screenshots as proof, said they will not extort the Commission, and intends to leak the stolen data later.
- The breach follows earlier attacks exploiting Ivanti Endpoint Manager Mobile (EPMM) and comes amid EU legislative and sanction actions against cyber threats.