European Commission investigates cyber attack on its websites; CERT-EU publishes recommendations – DataBreaches.Net
DataBreaches.Net
Politico reported:
The European Commission is investigating a cyber attack on its websites, with early findings suggesting that some data was taken, it said Friday.
The EU executive said it discovered the attack on Tuesday and took “immediate steps” to contain it.
The attack hit the cloud computing infrastructure used by the Commission to manage the Europa.eu platform, where the Commission, European Parliament, Council of the EU and other EU institutions’ websites are located.
The incident was “contained,” the Commission said. But the early stages of its investigation suggest some data may have been taken from those websites, it added. Its own internal systems were not affected, it said.
Read more at Politico.
In a press release issued on March 26, the Commission wrote, in part:
On 24 March, the European Commission discovered a cyber-attack, which affected its cloud infrastructure hosting the Commission’s web presence on the Europa.eu platform. Immediate steps were taken to contain the attack. The Commission’s swift response ensured the incident was contained and risk mitigation measures were implemented to protect services and data, without disrupting the availability of the Europa websites.
Early findings of our ongoing investigation suggest that data have been taken from those websites. The Commission is duly notifying the Union entities who might have been affected by the incident. The Commission’s services are still investigating the full impact of the incident.
The Commission’s internal systems were not affected by the cyber-attack.
As first reported by BleepingComputer, ShinyHunters claimed responsibility for the attack and have added the Commission to its dark web leak site.
They claim, “Over 350 GB of data was compromised, including data dumps of mail servers, databases, confidential documents, contracts, and much more sensitive material.”
While confirming that they had suffered a data breach, the Commission had not confirmed all of ShinyHunter’s claim
On April 2, in the interests of transparency, CERT-EU published: European Commission cloud breach: a supply-chain compromise.
Key Points:
Read their full analysis and important recommendations at CERT-EU.
Your email address will not be published.
This site does not accept sponsored posts or link-back arrangements. Inquiries about either are ignored.
And despite what some trolls may try to claim: DataBreaches has never accepted even one dime to interview or report on anyone. Nor will DataBreaches ever pay anyone for data or to interview them.
Grab it here:
https://databreaches.net/feed/
source
This is a newsfeed from leading technology publications. No additional editorial review has been performed before posting.
Turn insight into action with CDO TIMES.
CDO TIMES helps executives move from AI awareness to AI execution through practical frameworks, tools, executive research, and advisory support.
Explore the Frameworks
Continue with Enterprise AI 2030, HI + AI = ECI, AI Governance, and executive playbooks.
Explore Enterprise AI 2030 →Use the Free Tools
Assess readiness, estimate AI ROI, model AI costs, and prioritize AI initiatives.
Open Executive Tools →Read the Book
Explore the HI + AI = ECI leadership model in The AI-Ready Leader.
Order The AI-Ready Leader →Go deeper with CDO TIMES Pro.
Unlock premium research, executive playbooks, templates, advanced tools, and member-only briefings.
Need executive help?
Explore advisory, workshops, fractional CIO/CDO/CISO/CAIO support, and AI operating model design.
Explore Advisory →Attend executive events
Join leadership forums, executive dinners, webinars, and strategic AI briefings.
View Events →Build AI capability
Use CDO TIMES Academy for executive learning, AI leadership development, and implementation training.
Explore Academy →

