Overview
- The Commission detected an intrusion Tuesday in cloud systems that host Europa.eu and said Friday it contained the incident and began notifying affected EU bodies.
- ShinyHunters claimed it stole about 350 GB of data and posted an archive of roughly 90 GB that it says came from the Commission’s cloud environment.
- Officials said the websites stayed online and internal networks were not affected, and investigators are still mapping what was accessed and who is exposed.
- Reporting points to at least one affected Amazon Web Services account, though the entry point has not been disclosed or verified by the Commission.
- Independent researchers said the haul may include emails, DKIM email-signing keys, admin URLs, NextCloud files, material tied to the Athena mechanism, and possibly an SSO user directory, which could aid email spoofing and account takeovers if confirmed.