Europe’s cyber agency blames hacking gangs for massive data breach and leak

The European Union’s cybersecurity agency said Thursday that a recent hack and data breach at the EU’s executive body was the work of a cybercriminal group known as TeamPCP. In a new report , CERT-EU also reported that the hackers stole around 92 gigabytes of compressed data from a compromised Amazo

Cybersecurity··3 min read
Europe’s cyber agency blames hacking gangs for massive data breach and leak

The Lead

Europe’s cyber agency blames hacking gangs for massive data breach and leak. The European Union’s cybersecurity agency said Thursday that a recent hack and data breach at the EU’s executive body was the work of a cybercriminal group known as TeamPCP. In a new report , CERT-EU also reported that the hackers stole around 92 gigabytes of compressed data from a compromised Amazon Web Services (AWS) account used by the bloc's executive, the European Commission, which included personal data containing names, email addresses, and the contents of emails. The breach affected the cloud infrastructure of the Commission’s Europa.eu platform, which member states use to host websites and publications of the bloc's institutions and agencies. CERT-EU wrote that the data of at least 29 other EU entities may be affected, and that dozens of internal European Commission clients could have had data stolen as well. The stolen data was then.

Key Details

While the size of the data breach is itself notable, the cyber agency's attribution blaming two separate hacking groups for the same incident is unusual. A member of ShinyHunters told TechCrunch in an online chat that they had stolen some of the data that TeamPCP had previously taken in earlier attacks, and then leaked it. TeamPCP could not be reached for comment. CERT-EU said that the breach originated on March 19 when hackers acquired a secret API key associated with.

Context

Contact Us Do you have more information about this breach? Or other cyberattacks? From a non-work device, you can contact Lorenzo Franceschi-Bicchierai securely on Signal at +1 917 257 1382, or via Telegram and Keybase @lorenzofb, or email . A spokesperson for the European Commission told TechCrunch that the body is closed until next week, and would respond to a request for comment then. Besides the Trivy breach, TeamPCP has been linked to ransomware attacks and crypto-mining campaigns, says Aqua.

What's Next

By targeting developers with keys to access sensitive systems, the hackers "then have the ability to hold compromised organizations for ransom, demanding extortion payments,” Unit 42 wrote. This story was updated to include comments from a member of ShinyHunters.

Opinion 📡

Every headline tells a bigger story. We connect the dots so you don't have to.

Related Articles

Telehealth giant Hims & Hers says its customer support system was hacked
Cybersecurity

Telehealth giant Hims & Hers says its customer support system was hacked

Tech companies are trying to neuter Colorado’s landmark right-to-repair law
Policy

Tech companies are trying to neuter Colorado’s landmark right-to-repair law

People would rather have an Amazon warehouse in their backyard than a data center
Big-Tech

People would rather have an Amazon warehouse in their backyard than a data center

After fighting malware for decades, this cybersecurity veteran is now hacking drones
Gaming

After fighting malware for decades, this cybersecurity veteran is now hacking drones