Officials from the European Commission revealed a recent cyber incident that compromised the cloud systems supporting their online presence on the Europa.eu domain. Although the breach has now been neutralized, reports from Bleeping Computer indicate that the perpetrator, who claimed responsibility, managed to extract more than 350 gigabytes of information prior to the Commission's intervention.
Preliminary results from the continuing probe indicate that information was extracted from Europa websites, according to a statement from the European Commission. The organization is promptly informing relevant EU bodies that could have been impacted by the event.
Efforts to investigate the matter at the Commission are still underway, with details on the entry method into the cloud setup remaining undisclosed. Bleeping Computer sources suggest the intruder gained entry to Europa pages and staff information through an Amazon Web Services account linked to the Commission. Earlier this year in February, the Commission had reported another incident involving staff data exposure.
These recent violations seem milder compared to the 2024 Salt Typhoon operation, which targeted American telecom firms. In that case, intruders allegedly obtained smartphone information from individuals associated with the Trump and Harris presidential efforts, as well as various public servants. To counter such threats, the European Commission unveiled an updated Cybersecurity Initiative in January 2026, which includes guidelines for EU nations on managing high-risk vendors within their telecommunications networks.