The European Commission is currently investigating a cyberattack on the Europa.eu platform that may have resulted in the theft of some data. Although the breach affected the cloud infrastructure used by various EU institutions, the Commission stated that the incident has been contained and its internal systems remain secure.
The European Commission recently discovered a cyberattack targeting the cloud computing infrastructure that supports the Europa.eu platform. This platform serves as the digital home for the websites of the European Parliament, the Council of the European Union, and the Commission itself. Upon detecting the breach on Tuesday, officials took immediate action to contain the threat and prevent further unauthorized access to the network.
Initial findings from the ongoing investigation indicate that while the attack was successfully stopped, some data was likely exfiltrated from the affected websites. The Commission clarified that its own internal core systems were not compromised during the event. At this stage, the identity of the perpetrators remains unknown, and the Commission has not yet attributed the hack to any specific criminal group or state actor.
This incident occurs during a period of heightened digital threats against European government bodies and private enterprises. The head of ENISA, the European Union's cybersecurity agency, has recently expressed serious concerns about the region's vulnerability to sophisticated hacking operations. These warnings follow previous high-profile incidents, such as the significant 2024 data breach involving the European Parliament's human resources systems.
In response to the discovery, the Commission is actively reaching out to other EU institutions that may have been impacted by the breach. The organization intends to maintain a high level of monitoring to ensure the environment remains stable. Once the immediate threat is fully resolved, a comprehensive technical analysis will be conducted to understand the methods used by the attackers and to identify areas where security can be improved.
The responsibility for safeguarding these systems falls to CERT-EU, a specialized cybersecurity unit located within the Commission's IT department. This team is tasked with defending the digital infrastructure of all EU institutions against evolving threats. Moving forward, the insights gained from this specific attack will be used to bolster the collective defenses of the European Union's online presence and prevent future intrusions.
Source: https://www.politico.eu/article/european-commission-website-cyber-attack-investigation/