The European Commission confirmed it was targeted in a cyberattack that affected cloud infrastructure hosting its Europa.eu web presence and may have led to the theft of hundreds of gigabytes of data. Hackers claiming to be the ShinyHunters group said they stole mail server dumps, databases and confidential contracts after leveraging a compromised account or security misconfiguration in AWS-hosted services; the Commission says its internal systems were not affected and an investigation is ongoing. #EuropeanCommission #ShinyHunters #AWS
Keypoints
- The European Commission said its Europa.eu cloud-hosted web infrastructure was targeted in a cyberattack.
- Hackers claiming to be ShinyHunters posted that more than 350GB of mail dumps, databases and confidential documents were stolen.
- AWS stated it did not experience a security event, suggesting the attackers used a compromised account or configuration issue rather than exploiting an AWS vulnerability.
- The Commission reports its internal systems were not affected and is notifying potentially impacted Union entities while investigating the full impact.
- This is the Commissionβs second confirmed breach this year after CERT-EU reported a prior intrusion that may have exposed staff personal data.
Read More: https://www.securityweek.com/european-commission-reports-cyber-intrusion-and-data-theft/