{"id":230703,"date":"2026-04-03T02:33:00","date_gmt":"2026-04-03T06:33:00","guid":{"rendered":"https:\/\/news-you-need.com\/index.php\/2026\/04\/03\/european-commission-hack-exposes-data-of-30-eu-entities\/"},"modified":"2026-04-03T08:00:34","modified_gmt":"2026-04-03T12:00:34","slug":"european-commission-hack-exposes-data-of-30-eu-entities","status":"publish","type":"post","link":"https:\/\/news-you-need.com\/index.php\/2026\/04\/03\/european-commission-hack-exposes-data-of-30-eu-entities\/","title":{"rendered":"European Commission hack exposes data of 30 EU entities"},"content":{"rendered":"<p><a href=\"https:\/\/www.bleepingcomputer.com\/news\/security\/cert-eu-european-commission-hack-exposes-data-of-30-eu-entities\/\">European Commission hack exposes data of 30 EU entities<\/a><\/p>\n<p><a href=\"https:\/\/www.bleepingcomputer.com\/news\/security\/cert-eu-european-commission-hack-exposes-data-of-30-eu-entities\/\">https:\/\/www.bleepingcomputer.com\/news\/security\/cert-eu-european-commission-hack-exposes-data-of-30-eu-entities\/<\/a><\/p>\n<p>Publish Date: <a href=\"publish_date]\">2026-04-03 02:33:00<\/a><\/p>\n<p>Source Domain: <a href=\"www.bleepingcomputer.com\">www.bleepingcomputer.com<\/a><\/p>\n<p style=\"text-align:center\">\n<p>The European Union&#8217;s Cybersecurity Service (CERT-EU) has attributed the European Commission cloud hack to the TeamPCP threat group, saying the resulting breach exposed the data of at least 29 other Union entities.<\/p>\n<p>The European Commission publicly disclosed the incident on March 27 after BleepingComputer reached out for confirmation that the Amazon cloud environment of the European Union&#8217;s main executive body had been breached.<\/p>\n<p>Two days earlier, the Commission notified\u00a0CERT-EU\u00a0of the hack, saying that its\u00a0Cybersecurity Operations Center was not alerted to API misuse, potential account compromise, or any abnormal network traffic until March 24, five days after the initial intrusion.<\/p>\n<p>On March 10, TeamPCP used a compromised Amazon Web Services API key with management rights over other European Commission AWS accounts (stolen\u00a0in the Trivy supply-chain attack) to breach the\u00a0Commission&#8217;s\u00a0Amazon cloud environment.<\/p>\n<p>In the next stage of the attack, they used TruffleHog (a tool for scanning\u00a0and validating cloud credentials)\u00a0to search for additional secrets, then attached a newly created access key to an existing user to evade detection before conducting further reconnaissance and stealing data.<\/p>\n<p>TeamPCP has been linked to supply-chain attacks targeting multiple other developer code platforms, such as GitHub,\u00a0PyPi, NPM, and Docker.<\/p>\n<p>The cybercrime gang has also compromised the LiteLLM PyPI package\u00a0in an attack that\u00a0impacted tens of thousands of devices using its\u00a0&#8220;TeamPCP Cloud Stealer&#8221; information-stealing malware.<\/p>\n<h2>Data leaked on the dark web\u00a0by\u00a0ShinyHunters<\/h2>\n<p>On March 28, data extortion group ShinyHunters published the stolen dataset\u00a0on their dark web leak site as a 90GB archive of documents (approximately 340GB\u00a0uncompressed), containing\u00a0names, email addresses, and email content.<\/p>\n<p>CERT-EU&#8217;s analysis confirmed that the threat actors have stolen tens of thousands of files containing\u00a0personal information,\u00a0usernames, email addresses, and email&#8230;<\/p>\n<p><a href=\"https:\/\/www.bleepingcomputer.com\/news\/security\/cert-eu-european-commission-hack-exposes-data-of-30-eu-entities\/\">Source<\/a><\/p>\n","protected":false},"excerpt":{"rendered":"<p>European Commission hack exposes data of 30 EU entities https:\/\/www.bleepingcomputer.com\/news\/security\/cert-eu-european-commission-hack-exposes-data-of-30-eu-entities\/ Publish Date: 2026-04-03 02:33:00 Source&#8230;<\/p>\n","protected":false},"author":1,"featured_media":230704,"comment_status":"closed","ping_status":"","sticky":false,"template":"","format":"standard","meta":{"fifu_image_url":"https:\/\/www.bleepstatic.com\/content\/hl-images\/2026\/04\/03\/0_European_Union_flag.jpg","fifu_image_alt":"","footnotes":""},"categories":[15],"tags":[30,24,32],"class_list":["post-230703","post","type-post","status-publish","format-standard","has-post-thumbnail","hentry","category-cybersecurity","tag-breach","tag-cybersecurity","tag-malware"],"_links":{"self":[{"href":"https:\/\/news-you-need.com\/index.php\/wp-json\/wp\/v2\/posts\/230703"}],"collection":[{"href":"https:\/\/news-you-need.com\/index.php\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/news-you-need.com\/index.php\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/news-you-need.com\/index.php\/wp-json\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/news-you-need.com\/index.php\/wp-json\/wp\/v2\/comments?post=230703"}],"version-history":[{"count":1,"href":"https:\/\/news-you-need.com\/index.php\/wp-json\/wp\/v2\/posts\/230703\/revisions"}],"predecessor-version":[{"id":230705,"href":"https:\/\/news-you-need.com\/index.php\/wp-json\/wp\/v2\/posts\/230703\/revisions\/230705"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/news-you-need.com\/index.php\/wp-json\/wp\/v2\/media\/230704"}],"wp:attachment":[{"href":"https:\/\/news-you-need.com\/index.php\/wp-json\/wp\/v2\/media?parent=230703"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/news-you-need.com\/index.php\/wp-json\/wp\/v2\/categories?post=230703"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/news-you-need.com\/index.php\/wp-json\/wp\/v2\/tags?post=230703"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}