Last Update: 04/05/2026 at 2:50 PM EST
European Commission Cloud Breach Leaks Data
Coverage from BleepingComputer, TechCrunch, and others
Articles
5
Latest Article
04/03
Active Days
8
Executive Summary
A cloud breach at the European Commission exposed personal data from Europa.eu hosting and affected multiple EU entities, prompting containment and investigation.
- CERT-EU attributed the breach to TeamPCP and linked initial access to a stolen AWS API key
- The intrusion began on March 10 and went undetected until March 24
- Attackers used Trivy stolen credentials and TruffleHog to find more secrets
- A new access key was created to help evade detection during the breach
- ShinyHunters later posted a 90GB archive of stolen data on March 28
- The archive contained names, email addresses, email content, and other personal data
- CERT-EU said up to 71 Europa web hosting clients may be affected, including 42 Commission clients and 29 other Union entities
Quick Facts
- What: A cloud breach exposed personal data and email content
- Where: Europa.eu hosting and related European Commission AWS infrastructure
- Why: Attackers stole and later leaked data from cloud accounts
- Who: TeamPCP and ShinyHunters targeted European Commission cloud systems
- When: Intrusion began March 10 and was disclosed March 27
Coverage Timeline: 8 Days
Featured Article
European Commission confirmed an Europa.eu web platform breach in an AWS-related cyberattack claimed by ShinyHunters, with notifications and investigation underway.
Additional Articles
⭐⭐⭐
CERT-EU attributed a March 10 European Commission AWS cloud breach to TeamPCP, reporting delayed detection and exposure of personal data later published on a ShinyHunters dark-web site.
European Commission investigators are probing a threat actor breach of Amazon cloud infrastructure in the 2020s, after reported access to employee and email-server data and a prior Ivanti-linked mobile device management hack.
The European Commission investigated a reported Amazon cloud breach involving an AWS account that exposed employee information and an email server used by Commission staff.
European Commission officials confirmed a cloud infrastructure cyberattack on Europa.eu hosting, with containment steps taken after reported Amazon Web Services data theft.