The European Commission is investigating a cyber-attack on its Europa.eu web platform after threat actor ShinyHunters claimed responsibility and alleged the theft of more than 350GB of data.
The Commission maintains that internal systems were not impacted, while the full scope of the breach remains under review.
The incident is linked, at least by claim, to ShinyHunters, a well-known cybercrime group that operates data leak portals on the dark web. A listing by the group posted on Saturday advertises “350GB+” of stolen data allegedly tied to the European Commission’s Europa platform. The entry references alleged dumps of mail servers, databases, confidential documents, and contracts.
The Commission has not confirmed the authenticity of these claims, reiterating that its investigation is ongoing and that affected Union entities are being notified as a precaution. EU officials emphasized that the attack targeted cloud-hosted infrastructure supporting public-facing websites and that no internal Commission systems were compromised. Services remained operational throughout the incident, suggesting the attackers focused on data exfiltration rather than disruption.
ShinyHunters is a prolific threat group known for breaching organizations and publishing or selling stolen data via leak sites, often as part of double-extortion schemes. The group has previously been linked to high-profile data breaches affecting corporations and government entities, typically leveraging exposed databases, compromised credentials, or vulnerabilities in cloud services to gain access.
The Europa.eu platform serves as the European Union’s primary web portal, hosting a wide array of institutional websites used by EU bodies and agencies to publish legislation, policy updates, research, and official communications.
This development follows a separate incident disclosed in February 2026, in which attackers targeted the Commission’s mobile device infrastructure. In that case, limited staff contact data may have been accessed, but the breach was reportedly contained quickly and did not impact core systems.
The European Union has been actively strengthening its cybersecurity posture through initiatives such as the NIS2 Directive, the Cyber Solidarity Act, and the recently introduced Cybersecurity Package. These frameworks aim to improve cross-border coordination, incident response, and resilience across critical sectors and public institutions.
Organizations and individuals interacting with EU systems should remain cautious, particularly regarding unsolicited communications that could leverage potentially exposed information.
Leave a Reply