The European Commission confirmed it suffered a data breach impacting its cloud infrastructure used for the Europea.eu platform. The cyber attack allowed a threat actor to access over 350GB of data before being contained.
The breach raises significant concerns about the security of EU data, as the Commission is notifying various Union entities that may have been affected. Initial findings indicate data was taken from Europa websites.
The investigation remains ongoing, and details on the method of the breach have not been disclosed. Reports indicate the attacker gained access through one of the Commission’s Amazon Web Services accounts, which included employee data.
The European Commission faced a similar breach earlier this year that also impacted employee data. Both incidents are considered less severe than the Salt Typhoon hack that targeted US telecommunications in 2024.
The Salt Typhoon breach involved unauthorized access to data from smartphones belonging to members of both the Trump and Harris campaigns, along with other government officials. In January 2026, the European Commission introduced a Cybersecurity Package aimed at enhancing security measures and managing risks in telecom supply chains.
