Commission information the incident last Friday, after discovering it earlier in the week. The attack those affected the Commission’s public website platform europa.eu based on Amazon Web Services. Data relating to at least 29 other EU bodies could be affected, CERT-EU said.
Commission spokesman Thomas Regnier told reporters earlier this week that the data in question “may already be in the public domain.”
Technical analysis on Thursday confirmed reports that the notorious cybercrime group ShinyHunters sold the data, which the hackers claimed included “dumps on mail servers, confidential documents, contracts and more sensitive material.”
“On March 28, the data fraud group ShinyHunters made the stolen data publicly available on their cyber leak site,” CERT-EU said. “The published data was approximately 91.7 GB compressed (340 GB uncompressed),” it added.
