European Commission investigating breach after Amazon cloud hack

Recorded: March 27, 2026, 3 p.m.

Original

News

Featured
Latest

Popular LiteLLM PyPI package backdoored to steal credentials, auth tokens

HackerOne discloses employee data breach after Navia hack

Firefox now has a free built-in VPN with 50GB monthly data limit

Infinite Campus warns of breach after ShinyHunters claims data theft

Agentic GRC: Teams Get the Tech. The Mindset Shift Is What's Missing.

European Commission investigating breach after Amazon cloud hack

This lifetime $160 1TB Koofr cloud storage deal ends in days

Anti-piracy coalition takes down AnimePlay app with 5 million users

Tutorials

Latest
Popular

How to access the Dark Web using the Tor Browser

How to enable Kernel-mode Hardware-enforced Stack Protection in Windows 11

How to use the Windows Registry Editor

How to backup and restore the Windows Registry

How to start Windows in Safe Mode

How to remove a Trojan, Virus, Worm, or other Malware

How to show hidden files in Windows 7

How to see hidden files in Windows

Webinars
Downloads

Latest
Most Downloaded

Qualys BrowserCheck

STOPDecrypter

AuroraDecrypter

FilesLockerDecrypter

AdwCleaner

ComboFix

RKill

Junkware Removal Tool

Deals

Categories

eLearning

IT Certification Courses

Gear + Gadgets

Security

VPNs

Popular

Best VPNs

How to change IP address

Access the dark web safely

Best VPN for YouTube

Forums
More

Virus Removal Guides
Startup Database
Uninstall Database
Glossary
Send us a Tip!
Welcome Guide

HomeNewsSecurityEuropean Commission investigating breach after Amazon cloud hack

European Commission investigating breach after Amazon cloud hack

By Sergiu Gatlan

March 27, 2026
08:22 AM
0

The European Commission, the European Union's main executive body, is investigating a security breach after a threat actor gained access to its Amazon cloud infrastructure.
Although the EU's executive cabinet has yet to disclose the incident publicly, BleepingComputer has learned that the breach affected at least one account used to manage the compromised cloud infrastructure.
Sources familiar with the incident have told BleepingComputer that the attack was quickly detected and that the Commission's cybersecurity incident response team is now investigating.
While the Commission has yet to share any details about this breach, the threat actor who claimed responsibility for the attack reached out to BleepingComputer earlier this week, stating that they had stolen over 350 GB of data (including multiple databases).
They didn't disclose how they breached the affected accounts, but they provided BleepingComputer with several screenshots as proof that they had access to information belonging to European Commission employees and to an email server used by Commission employees.
The threat actor also told BleepingComputer that they will not attempt to extort the Commission using the allegedly stolen data as leverage, but intend to leak the data online at a later date.
The Commission disclosed another data breach in February after discovering on January 30 that the mobile device management platform used to manage its staff's devices had been hacked.
The January incident appears to be linked to similar attacks targeting other European institutions (including the Dutch Data Protection Authority and Valtori, a government agency of Finland's Ministry of Finance) that exploit code-injection vulnerabilities in Ivanti Endpoint Manager Mobile (EPMM) software.
These recent security breaches come on the heels of the Commission's January 20 proposal for new cybersecurity legislation to strengthen defenses against state-backed actors and cybercrime groups targeting Europe's critical infrastructure.
Last week, the Council of the European Union also sanctioned three Chinese and Iranian companies for orchestrating cyberattacks targeting the critical infrastructure of member states.

Red Report 2026: Why Ransomware Encryption Dropped 38%
Malware is getting smarter. The Red Report 2026 reveals how new threats use math to detect sandboxes and hide in plain sight.Download our analysis of 1.1 million malicious samples to uncover the top 10 techniques and see if your security stack is blinded.
Download The Report

Related Articles:
European Commission discloses breach that exposed staff dataDutch Ministry of Finance discloses breach affecting employeesEU says TikTok faces large fine over "addictive design"EU launches investigation into X over Grok-generated sexual imagesGoogle: Cloud attacks exploit flaws more than weak credentials

Amazon
Breach
Cloud
Data Theft
Europe
European Commission
European Union
Hack

Sergiu Gatlan
Sergiu is a news reporter who has covered the latest cybersecurity and technology developments for over a decade. Email or Twitter DMs for tips.

Previous Article
Next Article

Popular Stories

Popular LiteLLM PyPI package backdoored to steal credentials, auth tokens

Kali Linux 2026.1 released with 8 new tools, new BackTrack mode

Firefox now has a free built-in VPN with 50GB monthly data limit

Sponsor Posts

AI is a data-breach time bomb: Read the new report

Overdue a password health-check? Audit your Active Directory for free

Is your program ready for agentic GRC? See what shift enterprise teams need to make.

Are your AI accounts being sold on the dark web? Check for free.

Synthetic Identities, Proxies & Real Identities for Sale, is yours next?

Upcoming Webinar

Main Sections

News
Webinars
VPN Buyer Guides
SysAdmin Software Guides
Downloads
Virus Removal Guides
Tutorials
Startup Database
Uninstall Database
Glossary

Community

Forums
Forum Rules
Chat

Useful Resources

Welcome Guide
Sitemap

Company

About BleepingComputer
Contact Us
Send us a Tip!
Advertising
Write for BleepingComputer
Social & Feeds
Changelog

Username

Password

Remember Me

Not a member yet? Register Now

Reporter

Help us understand the problem. What is going on with this comment?

Spam

Abusive or Harmful

Inappropriate content

Strong language

Other

Read our posting guidelinese to learn what content is prohibited.

Submitting...
SUBMIT

The European Commission is currently investigating a significant security breach affecting its Amazon cloud infrastructure. Initial reports, confirmed by BleepingComputer, indicated that a threat actor gained unauthorized access to at least one account used to manage the compromised cloud environment. Following the detection of the breach, the Commission’s cybersecurity incident response team initiated a thorough investigation, a necessity given the potential scope of the compromised data. Remarkably, the threat actor, who contacted BleepingComputer, claimed to have exfiltrated over 350 gigabytes of data, encompassing multiple databases and potentially containing information pertaining to European Commission employees and Commission-affiliated email servers. This actor refrained from attempting extortion, stating their intention to publicly release the stolen information at a later date.

This incident follows a previous data breach disclosed in February, concerning the Commission’s mobile device management platform. This earlier breach appeared interconnected with attacks targeting other European institutions, notably the Dutch Data Protection Authority and Valtori, highlighting a potential pattern of exploitation involving code-injection vulnerabilities within Ivanti Endpoint Manager Mobile (EPMM) software. The Commission’s response to this recent breach is intrinsically linked to its ongoing efforts to strengthen cybersecurity defenses, as evidenced by its January proposal for new cybersecurity legislation aimed at mitigating threats from both state-backed actors and cybercriminal organizations targeting European critical infrastructure. Furthermore, the Council of the European Union had simultaneously sanctioned three entities – two Chinese and one Iranian – for their involvement in cyberattacks against member states’ critical infrastructure, underscoring the escalating geopolitical dimension of cybersecurity threats. The investigation is ongoing, focusing on the precise extent of the data compromise and the methods employed by the attacker.