European Commission Data Breach: Cyberattack Hits Europa Cloud Infrastructure

David T. Simmons

28 Mar 2026

Add Informer Tech
as a preferred source

European Commission Confirms Cyberattack on Europa Platform

European Commission Data Breach Affected Cloud Infrastructure

The European Commission has confirmed that it suffered a cyberattack affecting cloud infrastructure that hosted the Commission’s web presence on the Europa.eu platform. The incident has been contained, but early findings from the ongoing investigation indicate that data was taken from Europa websites.

The Commission said it is notifying Union entities that may have been affected by the incident.

Data Taken From Europa Websites

According to the Commission’s early findings, data appears to have been removed from websites on the Europa platform. The investigation is still underway, and the Commission has not yet disclosed how the breach of its cloud infrastructure happened.

A reported account of the incident said the threat actor claiming responsibility was able to take control of 350GB of data before the issue was addressed.

Reported Access Through an Amazon Web Services Account

A reported account of the breach said the threat actor accessed Europa sites and employee data through one of the Commission’s Amazon Web Services accounts. While the Commission has not confirmed those specific details, it has acknowledged that the investigation remains ongoing.

Employee Data May Also Have Been Impacted

The reported access route did not just involve website-related systems. It also reportedly exposed employee data, adding to concerns around the scope of the incident.

The Commission had already disclosed a breach in February that similarly affected employee data.

Ongoing Investigation Into the European Commission Cyberattack

The Commission is still investigating the incident and has not yet shared how its cloud infrastructure was compromised. At this stage, the confirmed points are limited: the attack affected the infrastructure hosting the Commission’s web presence, it has been contained, and data appears to have been taken from Europa websites.

That leaves several key questions unanswered, including the method of intrusion and the full extent of the impact.

How This Breach Compares With Other Major Cyber Incidents

Both breaches appear to be less severe than the Salt Typhoon hack that affected US telecommunications companies in 2024. In that case, hackers reportedly gained access to smartphone data belonging to members of both the Trump and Harris campaigns, as well as other government officials.

New Cybersecurity Package Introduced in January 2026

In January 2026, the European Commission introduced a new Cybersecurity Package aimed at addressing similar issues. Part of that effort included outlining new ways for EU states to respond to potentially risky companies in their telecom supply chains.