Published 5 days ago • loading... • Updated 3 days ago

EU Cyberattack May Have Been Worse than We Thought - 90GB of Data Published Online as 30 Entities Hit

On Thursday, the European Union's Cybersecurity Service attributed the European Commission cloud hack to the TeamPCP threat group, compromising data from up to 71 clients including 42 internal accounts and at least 29 other Union entities.
Hackers initiated the breach on March 19 using a compromised Amazon Web Services API key obtained during a supply-chain attack on the open-source security tool Trivy, allowing unauthorized access to the Commission's cloud environment.
CERT-EU reported that attackers stole around 92 gigabytes of data containing at least 51,992 files related to outbound email communications, with 'bounce-back' notifications potentially exposing sensitive user-submitted content.
ShinyHunters published a 90GB archive of the stolen dataset online on March 28, while the Commission notified data protection authorities and remains closed until next week for further response coordination.
The incident demonstrates a growing trend of cybercriminal collaboration, as Palo Alto Networks Unit 42 noted TeamPCP has conducted systematic supply-chain attacks against platforms including GitHub and Docker.

Insights by Ground AI

19 Articles

Europe’s cyber agency blames hacking gangs for massive data breach and leak

CERT-EU blamed the cybercrime group TeamPCP for the recent hack on the European Commission, and said the notorious ShinyHunters gang was responsible for leaking the stolen data online.

4 days ago·United States

Read Full Article

La Libre

Center

The European Commission Again Hacked: the Same Hackers Hit Twice in 2026

At the end of March, a cyberattack was used to steal data from the European Commission via its cloud. An incident that leaves its areas of blur, but above all that reveals flaws in the institution's system. ...

4 days ago·Brussels, Belgium

Read Full Article

Tech Radar

Center

EU cyberattack may have been worse than we thought - 90GB of data published online as 30 entities hit

CERT-EU is blaming TeamPCP for the attack, saying the Trivy breach trickled down.

4 days ago·United Kingdom

Read Full Article

BleepingComputer

Center

CERT-EU: European Commission hack exposes data of 30 EU entities

The European Union's Cybersecurity Service (CERT-EU) has attributed the European Commission cloud hack to the TeamPCP threat group, saying the resulting breach exposed the data of at least 29 other Union entities.

4 days ago

Read Full Article

Politico Europe

Lean Left

EU blames major cybercrime group for cloud infrastructure breach

Hackers stole and leaked personal data from the European Commission’s cloud.

5 days ago·Brussels, Belgium

Read Full Article

Leadership

Massive Data Leak Hits EU As Hackers Exploit Cloud System

Europe’s cybersecurity agency, CERT-EU, has blamed organised cybercriminal groups for a massive data breach involving the European Union’s executive arm. According to findings, the attackers infiltrated the cloud infrastructure of the European Commission, gaining access to sensitive data hosted on its Europa.eu platform. The agency disclosed that about 92 gigabytes of compressed data were stolen from a compromised Amazon Web Services account lin…

3 days ago·Abuja, Nigeria

Read Full Article

Think freely.Subscribe and get full access to Ground NewsSubscriptions start at $9.99/year