NEWS

European Commission admits attackers broke into public web systems, but says little else

Brussels notifying 'Union entities' whose data may've been snatched in websites breach The European Commission has admitted that attackers broke into its public-facing web infrastructure and siphoned off data in a bare-bones disclosure that answers the what but ducks most of the how.…

By The Register
European Commission admits attackers broke into public web systems, but says little else
European Commission admits attackers broke into public web systems, but says little else Photo: The Register

Brussels notifying 'Union entities' whose data may've been snatched in websites breach
The European Commission has admitted that attackers broke into its public-facing web infrastructure and siphoned off data in a bare-bones disclosure that answers the what but ducks most of the how.

The intrusion was spotted on March 24 and hit cloud systems hosting the Commission's Europa websites, the front door for everything from policy pages to public information.

Officials say they contained the incident quickly and that the sites stayed online, so there was no obvious outage while someone was poking around the back end.

What that someone actually got is another matter.

The Commission says data may have been exfiltrated, but leaves it there.

There are no details about what kind of data was taken, how much, or who might be affected.

There's also no word on initial access, how long the attackers had access, or who might be responsible.

"Early findings of our ongoing investigation suggest that data have been taken from those websites," the EC said.

"The Commission is duly notifying the Union entities who might have been affected by the incident.

The Commission's services are still investigating the full impact of the incident."
For an institution that often emphasizes breach transparency, it's a pretty thin statement.

The European Commission did not respond to The Register's questions.

While the EC isn't saying much, reports claim a threat actor may have gained access to the Commission's AWS cloud environment and exfiltrated more than 350 GB of data
One line the Commission is keen to stress is that internal systems were not affected, at least based on what it knows so far.

If that assessment holds, it suggests reasonable separation between public web services and the core network, limiting how far an attacker could go once inside.

Even so, this is the Commission's second security headache in quick succession.

Just last month, Brussels admitted that Commission-issued mobile phones had been compromised , an intrusion that "may have resulted in access to staff names and mobile numbers of some of its staff members."
The EC's barely there statement leans on the usual line about Europe facing constant cyber pressure, with references to NIS2 and other initiatives.

That may be true, but it doesn't explain how this one happened – or why there's so little detail about it.

®

Related Stories

Source: This article was originally published by The Register

Read Full Original Article →

Share this article

Comments (0)

No comments yet. Be the first to comment!

Leave a Comment

Maximum 2000 characters