European Commission Hit by Major Data Breach Through Supply Chain Attack

Hackers breached EU Commission's AWS, stealing 340GB of data. ShinyHunters leaked it online. EC tightens security post-breach.

By Content Team

Apr 5, 2026

ON THIS PAGE

Share

---

ON THIS PAGE

Want more insights like this?

Subscribe to our newsletter to get the latest software protection strategies delivered to your inbox.

By submitting your email, you consent to Codekeeper contacting you and agree to our privacy policy.

Hackers stole over 300GB of data from the European Commission's AWS cloud environment after compromising an API key through the Trivy supply chain attack on March 19. The TeamPCP hacking group exploited a vulnerability in Aqua Security's scanner, which the EC unknowingly received through regular software updates.

The breach affected Europa.eu's hosting service, impacting 71 clients including 42 internal EC departments and 29 other EU entities. Stolen data includes personal information like names, email addresses, and usernames from multiple EU websites.

The notorious ShinyHunters group later published the 340GB dataset on their leak site. The EC has revoked compromised credentials and notified data protection authorities, confirming internal systems weren't affected.

Source: Security Week

Share this article

Have questions about protecting your software?

Our escrow experts are standing by to help.

Book a free demo

YOU MAY ALSO LIKE

Critical WinRAR Vulnerability Under Active Attack by Russian, Chinese, and Criminal Groups

Jan 29, 2026

Iran-Linked Hackers Disrupt Medical Giant Stryker's Global Operations

Mar 13, 2026

Saudi Arabia Ordered to Pay £3m to London Dissident Over Pegasus Spying

Jan 29, 2026

German Police Rush to Warn Companies About Critical PTC Software Vulnerability

Mar 29, 2026