EU Confirms ShinyHunters Behind Recent Cyberattack on European Commission
The European Union has officially confirmed that the recent cyberattack on the cloud infrastructure of the European Commission was carried out by a group of cybercriminals known as ShinyHunters.
On April 2, the Computer Emergency Response Team for the European Union (CERT-EU) released a technical report confirming that the notorious cybercriminal group ShinyHunters was responsible for a significant cyberattack on the European Commission's cloud services. This incident, which occurred in March, resulted in the theft of personal data, including names, email addresses, and the contents of emails.
According to CERT-EU, the attackers managed to exfiltrate an estimated 91.7 GB of data in compressed form, which translates to approximately 340 GB in uncompressed format. The stolen data was subsequently published on the dark web by ShinyHunters, a group that has gained a dubious reputation for its involvement in various high-profile cyber incidents.
This latest attack is not an isolated incident for ShinyHunters. Earlier in February, the group was implicated in a massive breach of a Dutch telecommunications operator. They are also part of a larger collective that previously claimed responsibility for the breach of Jaguar Land Rover, an incident that reportedly caused an economic impact of around €2.2 billion to the UK economy last year.
In light of these events, the Council of the European Union has recently implemented sanctions against individuals and entities responsible for cyberattacks targeting EU member states and their partners. This move underscores the seriousness and determination of the EU in combating cybercrime and protecting its information systems.
In February, European Commissioner for Digital and Advanced Technologies, Hennä Virkkunen, emphasized the need for Europe to be capable of conducting offensive operations in cyberspace, as traditional deterrence methods have proven inadequate against modern threats.
Additionally, the Left Party in Germany recently reported an attack by Russian-speaking hackers on its IT systems. These incidents highlight the growing threat posed by cybercriminals, which jeopardizes not only state institutions but also private companies and political organizations.