The European Commission confirmed a cyberattack affecting part of its cloud systems, now contained, with no impact on internal networks.
On March 24, the European Commission detected a cyberattack affecting the cloud infrastructure hosting its Europa.eu websites. The incident was quickly contained, with mitigation measures applied and no disruption to website availability. Early findings suggest some data may have been accessed, and potentially affected EU entities are being notified.
“Early findings of our ongoing investigation suggest that data have been taken from those websites. The Commission is duly notifying the Union entities who might have been affected by the incident.” reads the press release published by the European Commission. “The Commission’s services are still investigating the full impact of the incident. “
The EU has launched an investigation into the security breach to determine its full impact. However, the Commission pointed out that its internal systems were not affected, limiting the overall impact of the attack.
The Commission said its internal systems were not affected and will continue monitoring the situation while strengthening protections. It will analyze the incident to improve cybersecurity, as the EU faces ongoing cyber and hybrid threats targeting critical services and institutions.
EXPLORE MORE
Critical Fortinet FortiClient EMS flaw exploited for Remote Code Execution
Attackers are exploiting a critical Fortinet FortiClient EMS flaw (CVE-2026-21643) that…
Haifa in the Crosshairs: Iranian Submunitions Strike Israel’s Critical Energy Hub
March 30, 2026 — Dense black smoke is once again clouding the…
Ted Cruz Throws a Desperate Tantrum at Tucker Carlson – Labels Him America’s Top ‘Demagogue’ While Vowing a Pathetic Showdown
Ted Cruz, sweating under conference lights, just went into full meltdown mode.…
The Eagle’s Nest and the Adobe Giant: Inside Iran’s Fortress Landscape
In the rugged expanse of the Iranian plateau, history isn’t just written…
Missing Person Saniyah Mumford from the 14th District Has Been Located
The Philadelphia Police Department is seeking the public’s assistance in locating missing…
Exclusive: Little Red – The Epic Fairy Tale Adventure Coming Soon!
The Philly PI exclusive scoop – round two! Imagine if Little Red…
BleepingComputer first reported the incident, claiming that threat actors breached the European Commission’s AWS account, stealing hundreds of gigabytes of data, including databases, and providing screenshots as proof. The exact type of stolen data remains unclear.
“The European Commission, the European Union’s main executive body, is investigating a security breach after a threat actor gained access to the Commission’s Amazon cloud environment.” reported BleepingComputer. “Although the EU’s executive cabinet has yet to disclose the incident publicly, BleepingComputer has learned that the breach affected at least one of the Commission’s AWS (Amazon Web Services) accounts.”
AWS said it did not suffer a security incident and that its services functioned as expected.
While the Commission has not shared details, the attacker claimed to have stolen over 350 GB of data, including databases, and provided BleepingComputer screenshots as proof of access to employee data and an email server. The attack vector is still unknown. The attacker said they do not plan to extort the Commission but may release the data publicly later.
On 30 January, the European Commission detected another cyberattack on its mobile device management system. The organization pointed out that no mobile devices were compromised. The Commission contained and cleaned the system within nine hours.
Attackers may have accessed some staff data, including names and phone numbers, but so far they have not compromised any devices.
