The European Commission announced that its digital platform “Europa.eu” was subjected to a cyber attack that led to the disclosure of some information, after the electronic extortion group “ShinyHunters” claimed responsibility for the operation.
The Commission reported that this attack did not lead to the cessation of the work of the “Europe” websites, and that the specialized technical teams took the initiative to deal with the situation and limit any further data leaks.
In a statement, the Commission stated that preliminary investigations indicate the existence of a process of data theft from the sites that were targeted, and that it has already begun notifying European parties potentially affected, while continuing to work to determine the full scope of the impact.
The Commission confirmed that its internal systems were not affected by this attack, noting that it continues to monitor the situation and take the necessary measures to protect its internal systems and data, in addition to benefiting from the results of the investigation to enhance its capabilities in the field of cybersecurity.
The BleepingComputer website reported that the hack targeted at least one of the Commission’s AWS accounts. The implementing agency was also quoted as saying that it was able to obtain more than “350 GB” of data before it was disconnected, including several databases.
The group later posted material on its dark web site, claiming to have seized information from email servers, databases, documents, and contracts, and attached a zip file of more than “90GB” of files that it claimed had been stolen from the compromised cloud environment.
