ShinyHunters Claims Theft of 350 GB of Data from European Commission Websites
What Happened – The cyber‑crime group ShinyHunters announced that it exfiltrated more than 350 GB of data from the European Commission’s cloud‑hosted Europa.eu web‑presence. Leaked material includes mail‑server dumps, databases, confidential documents and contracts. The breach was first detected on 24 March 2026 when the Commission’s cloud infrastructure showed signs of unauthorized access.
Why It Matters for TPRM –
- A sovereign‑level institution suffered a large‑scale data exfiltration, highlighting the risk of third‑party cloud services.
- Sensitive governmental communications and contracts may now be publicly available, increasing exposure for EU‑linked vendors and partners.
- The incident underscores the need for continuous monitoring of cloud configurations and rapid incident‑response capabilities.
Who Is Affected – Government & public sector (EU institutions), cloud‑service providers (AWS), any third‑party contractors that handle EU data.
Recommended Actions –
- Review all contracts with cloud‑hosting providers for breach‑notification clauses and security‑by‑design requirements.
- Verify that your organization’s data‑loss‑prevention (DLP) and encryption controls meet EU‑standard levels.
- Conduct a cloud‑configuration audit and implement continuous monitoring for anomalous data transfers.
Technical Notes – Attack vector remains unknown; no public vulnerability (CVE) has been disclosed. The breach appears to involve unauthorized access to an AWS account used by the Commission, resulting in mass data exfiltration. Source: Security Affairs