European Commission Suffers Second Data Breach

The European Commission has confirmed that cybercriminals gained unauthorized access to part of its cloud infrastructure and stole more than 350 GB of data. According to initial findings, the attackers accessed information stored in the Commission’s Amazon Web Services (AWS) environment, including employee records, email server data, and databases linked to several Europa.eu websites.
The breach was discovered on March 24, prompting an immediate response from the Commission’s cybersecurity teams. Officials stated that while data was successfully extracted from the affected systems, there is currently no evidence that the Commission’s internal network or core operational systems were compromised.
The cyberattack has been claimed by the ShinyHunters extortion group, a threat actor known for targeting high-profile organizations and demanding payments in exchange for not releasing stolen information. Following the discovery, security teams worked quickly to isolate affected systems and prevent any further unauthorized access.
Investigators believe the attackers may have gained entry through a compromised account or a cloud security misconfiguration rather than by exploiting a vulnerability in AWS itself. The investigation remains ongoing as authorities continue to assess the full scope of the incident.
This marks the second cybersecurity breach involving the European Commission in 2026. Earlier in February, another incident exposed staff names and mobile phone numbers through the Commission’s Mobile Device Management infrastructure.
The latest breach has raised fresh concerns about the cybersecurity readiness of European institutions. Despite the introduction of major cybersecurity initiatives such as the NIS2 Directive and the Cyber Solidarity Act, some experts argue that government agencies continue to face challenges in defending against increasingly sophisticated and persistent cyber threats.
As investigations continue, the incident serves as another reminder that even organizations responsible for cybersecurity policy are not immune to the evolving tactics used by modern threat actors.