The European Commission has disclosed a cyber attack that affected its cloud infrastructure hosting the Europa.eu websites. Officials stated that data was taken from the sites, and the incident has been contained while investigations continue. Bleeping Computer reported that hackers accessed over 350GB of data, including employee information.
The European Commission announced on March 27 that it experienced a cyber attack targeting the cloud infrastructure behind its web presence on the Europa.eu platform. 'Early findings of our ongoing investigation suggest that data have been taken from [Europa] websites,' the Commission stated in a disclosure. The organization is notifying affected Union entities and has contained the breach, though details on the entry method remain undisclosed pending further review. Bleeping Computer reported that the threat actor gained access to Europa sites and employee data through one of the Commission's Amazon Web Services accounts, extracting around 350GB of information before mitigation efforts took effect. This incident follows a similar breach disclosed in February that also impacted employee data. Commission officials described both events as less severe than the 2024 Salt Typhoon hack on US telecom firms, which compromised data from political campaigns and government officials. In response to rising threats, the European Commission rolled out a new Cybersecurity Package in January 2026, which includes measures for EU states to handle risks from telecom supply chains. The current investigation continues without further public details on the perpetrators or exact scope of compromised information.
