- The European Commission hit by a cyberattack on its Europa.eu infrastructure hosted by AWS
- The attackers reportedly stole 350 GB of organizational data and planned to leak it online.
- EC states that internal systems are not affected, the investigation is ongoing and additional protections are being implemented
The European Commission (EC), the executive office of the European Union, has confirmed that it suffered a cyberattack in which it lost sensitive data.
In an official statement, the Commission said it spotted the intrusion on March 24, 2026, when unidentified attackers accessed the cloud infrastructure where its Europa.eu site is hosted.
Although the organization said it responded “quickly” and successfully contained the risk, some data appears to have been taken from the website.
Article continues below
Still investigating
“The Commission services are still investigating the full consequences of the incident,” the press release said.
“The Commission’s internal systems were not affected by the cyberattack. The Commission will continue to monitor the situation and will take all necessary measures to ensure the security of its internal systems and data. It will analyze the incident and use the results to further strengthen its cybersecurity capabilities.”
The EC did not discuss the nature of these files, nor how many of them were stolen. It said it was notifying “Union entities that may have been affected by the incident,” suggesting that it was organizational data – not personal information – that was stolen.
It added that it has implemented additional risk mitigation features to protect services and data without disrupting the website.
Although the EC did not specify who the attackers were or how they gained access to its network, BeepComputer claims that the criminals broke into an Amazon Web Services (AWS) account, from which they allegedly recovered more than 350 GB of data.
Amazon confirmed to the publication that its infrastructure is intact, suggesting that it was either a social engineering attack or the result of a successful infection by an infostealer.
The anonymous group said it did not intend to extort money from EC and would prefer to release the stolen information on the dark web later.
The best antivirus for every budget
Follow TechRadar on Google News And add us as your favorite source to get our news, reviews and expert opinions in your feeds. Make sure to click the Follow button!
And of course you can too follow TechRadar on TikTok for news, reviews, unboxings in video form and receive regular updates from us on WhatsApp Also.
