The European Commission suffered a breach of its AWS-hosted Europa.eu platform in March, with CERT-EU attributing the incident to the hacking group TeamPCP, which exfiltrated roughly 92 GB of compressed data including names, email addresses, and some email content. The compromise relied on a stolen Amazon API key and a Trivy supply-chain compromise, and the stolen dataset later appeared on the ShinyHunters dark web site, potentially exposing data from 42 internal clients and at least 29 EU entities. #TeamPCP #Trivy #ShinyHunters #EuropeanCommission
Keypoints
- CERT-EU attributes the March 19 breach of the European Commissionβs AWS account to the hacking group TeamPCP.
- Attackers used a compromised Trivy package and a secret Amazon API key to access the Europa.eu platform on AWS.
- About 92 GB of compressed data was taken, including names, email addresses, and portions of email content.
- Nearly 52,000 files related to outbound email were found, mostly automated but with some bouncebacks that could expose personal data.
- Stolen data appeared on the ShinyHunters site, indicating potential criminal collaboration to monetize the breach.
Read More: https://therecord.media/european-commission-cyberattack-teampcp