1. Forum
  2. FIDO
  3. CONSPRCY

  • EU cyberattack may have b

    From Mike Powell@1:2320/107 to All on Sat Apr 4 08:35:18 2026
    EU cyberattack may have been worse than we thought - 90GB of data published online as 30 entities hit

    Date:
    Fri, 03 Apr 2026 12:15:00 +0000

    Description:
    CERT-EU is blaming TeamPCP for the attack, saying the Trivy breach trickled down.

    FULL STORY
    The recent cyberattack on the European Commission (EC) may have been a lot worse than initially thought, as we now know it affected almost 30 different European Union (EU) entities.

    In an updated security notice, the European Unions Cybersecurity Service (CERT-EU) blamed the intrusion on TeamPCP, and shared more details about what had happened. The attack saw TeamPCP, a relatively unknown threat actor,
    manage to get a malicious version of Trivy into the update stream that users trust. Trivy is an open source security scanner built by Aqua Security to detect vulnerabilities and misconfigurations. This malicious version allowed TeamPCP to obtain an Amazon Web Services (AWS) API key of the European Commission, which granted them control over other AWS accounts affiliated
    with the EC. Amazon confirmed this was not a breach of
    its own system and that it operates as it should.

    Using the stolen AWS secrets, TeamPCP exfiltrated data from the affected
    cloud environment , the EC then confirmed. The exfiltrated data relates to websites hosted for up to 71 clients of the Europa web hosting service: 42 internal clients of the European Commission, and at least 29 other Union entities.

    It doesnt name which entities those are, but some of the more notable ones include the European Parliament, Council of the European Union, and the European External Action Service. Other agencies that may have been affected include the European Medicines Agency, European Banking Authority, ENISA, or Frontex.

    Soon after news of the breach broke, a group known as ShinyHunters claimed
    the incident, saying they nabbed data dumps of mail servers, databases, confidential documents, contracts, and much more sensitive material. In
    total, the hackers posted 340GB of data, compressed into a 91.7GB archive.

    Analysis of the published dataset has so far confirmed the presence of
    personal data, including lists of names, last names, usernames, and email addresses, predominantly from the European Commissions websites but
    potentially pertaining to users across multiple Union entities, EU-CERT said.

    The dataset also contains at least 51,992 files related to outbound email communications, the majority of which are automated notifications with little to no content.

    Via BleepingComputer

    Link to news story: https://www.techradar.com/pro/security/eu-cyberattack-may-have-been-worse-than -we-thought-90gb-of-data-published-online-as-30-entities-hit

    $$
    --- SBBSecho 3.28-Linux
    * Origin: Capitol City Online (1:2320/107)