“EU Cyber Breach: TeamPCP Hacks Commission Data”

Date:

The cybersecurity agency of the European Union, CERT-EU, reported on April 2 that a recent cyber assault on the EU’s administrative body was orchestrated by a hacking collective known as TeamPCP.

The breach impacted the European Commission’s public website “europa.eu” that is hosted on Amazon Web Services (AWS) cloud infrastructure. CERT-EU disclosed in a report that the attackers managed to extract around 92 gigabytes (GB) of compressed data from a compromised cloud account on AWS. The pilfered data encompassed names, email addresses, and email contents.

In a recent update, CERT-EU mentioned, “On March 28, the data extortion faction ShinyHunters disclosed the exfiltrated dataset on their dark web leak platform, asserting to have acquired ‘data dumps of mail servers, databases, confidential documents, contracts, and various sensitive materials.’ The leaked dataset was about 91.7 GB compressed (340 GB uncompressed).”

CERT-EU hinted that the breach could have impacted at least 29 other EU entities and numerous internal Commission clients whose data might have been exposed. Subsequently, the stolen data was made public online by another hacking group, ShinyHunters.

As per CERT-EU, the breach commenced on March 19 when the perpetrators acquired a confidential application programming interface (API) key associated with the Commission’s cloud account. This compromise followed a prior breach related to Trivy, a commonly used open-source security scanning tool.

The Commission inadvertently downloaded a compromised version of Trivy post the tool’s breach, enabling the attackers to seize the secret key and exploit it to access sensitive information stored in the Commission’s cloud environment.

CERT-EU is actively investigating the leaked data. The agency stated, “The dataset also comprises a minimum of 51,992 files tied to outbound email communications, amounting to 2.22 GB. Most of these are automated notifications with minimal content. However, ‘bounce-back’ notifications, which are responses to incoming messages from users, may contain the original user-submitted content, posing a risk of personal data exposure.”

The agency affirmed its engagement with potentially impacted organizations due to the breach.

Share post:

Popular

More like this
Related

Actress Nusraat Faria Stranded in Istanbul Amid Middle East Airspace Closure

Amid rising tensions in the Middle East, Israel and...

“Trump Criticizes UK Deal Leasing Chagos Islands”

US President Donald Trump criticized British Prime Minister Keir...

Bangladeshi Official Departs for Germany

Faiz Ahmad Taiyeb, the special assistant to the chief...

“Rising Tragedy: Educated Young Women in Bangladesh Battle Unseen Emotional Abuse”

In Bangladesh, a concerning trend is emerging as more...