179/69 Monday, March 30, 2026
The cybercrime group ShinyHunters has claimed responsibility for breaching the European Commission and exfiltrating more than 350GB of data. The stolen data was reportedly published on the group’s Tor-based leak site and is believed to include email system data, databases, internal documents, and contractual records. However, the exact scope and nature of the leaked data are still under investigation.
The European Commission stated that it detected the cyber incident on March 24, which impacted cloud infrastructure used to host websites under the Europa[.]eu domain. The organization responded promptly to contain the incident, ensuring that affected websites remained operational. Preliminary findings indicate that some data may have been accessed, and relevant entities are currently being notified. Authorities also confirmed that core internal systems were not impacted.
European Union agencies are continuing their investigation to assess the full extent of the breach and have implemented additional cybersecurity measures to prevent future incidents. Some reports suggest that attackers may have gained access to cloud accounts and exfiltrated large volumes of data, although the cloud service provider has denied any vulnerabilities in its platform. The ShinyHunters group has a history of targeting major organizations, often using social engineering and vishing techniques to obtain credentials and access SaaS environments, later leveraging stolen data for extortion or public disclosure.