The European Commission detected a cyberattack on Tuesday that involved its cloud environment on Amazon Web Services, a commission spokesman said, and authorities are now investigating whether internal data were taken.
Spokesman Thomas Regnier confirmed the commission identified a cyber-attack that "affected part of our cloud infrastructure." He added that the commission’s internal systems were not affected by the cyber-attack. The intrusion was discovered, blocked and is the subject of an internal investigation to determine the extent of the breach.
Cybersecurity blog Bleeping Computer reported that the individual behind the incident claimed to have stolen more than 350 gigabytes of data. That claim is part of the material currently being examined by commission investigators as they assess what information may have been exposed.
The cloud-focused nature of the incident centers attention on the commission’s Amazon Web Services account, which was the element of the infrastructure the commission says was affected before the intrusion was halted.
This event follows a separate security episode earlier this month involving a high-ranking commission official. In that case, an intercepted WhatsApp call between the official and a Politico journalist was uploaded to YouTube. Both Politico and the commission stated that their devices and networks showed no signs of compromise in relation to that earlier incident.
At present, the commission is continuing its internal review to establish the factual picture of what systems, if any, had data exfiltrated and to gauge the potential impact. Officials have not announced further details about the investigation or confirmed whether the claim of more than 350 gigabytes of data taken is accurate.
Summary
The European Commission identified and blocked a cyberattack on Tuesday that targeted part of its cloud infrastructure hosted on Amazon Web Services. An internal inquiry is underway to establish whether any internal data were taken after a claim surfaced that over 350 gigabytes were stolen. The commission says its internal systems remained unaffected.
Key points
- The breach targeted the commission’s Amazon Web Services account and was detected and blocked.
- An attacker has claimed to have stolen more than 350 gigabytes of data; this claim is being reviewed in the commission’s internal investigation.
- The episode follows a separate security incident earlier in the month involving an uploaded intercepted WhatsApp call; both Politico and the commission reported no evidence their devices or networks were compromised in that case.
Risks and uncertainties
- The investigation is ongoing and the precise scope of any data loss remains unknown - this uncertainty affects assessments of potential operational or reputational damage to public-sector services that rely on cloud platforms.
- Claims about the volume of data taken (more than 350 gigabytes) have been made publicly but have not been independently confirmed by the commission.
- Connections, if any, between this cloud-targeted intrusion and the earlier uploaded WhatsApp call involving a commission official remain unclear based on the information released so far.