InfoSecBulletin Cybersecurity for mankind
The EU’s cybersecurity agency said on Thursday that a recent hack and data leak at the EU was done by a cybercriminal group called TeamPCP.
In a new report, CERT-EU said that hackers exfiltrated about 92 gigabytes of data from an Amazon Web Services (AWS) account linked to the European Commission. This data had personal information like names, email addresses, and email content.
LastPass says hackers stole customer data via Klue, supply chain breach
New Apple Exploit Bypasses Boot Defenses, Possibly Affects Millions of iPhones Worldwide
India’s Tata Electronics hit by cyber breach: Hacker target 630 GB record
Anthropic’s Mythos reportedly broke NSA classified systems in hours
OpenAI New Method “Deployment Simulation” Predicts AI Risks Before Deployment
AryStinger botnet infected thousands of D-Link routers globally
Hacker suspected of sending alerts across Brazil
CyberSentinel AI features 33 security tools like Nmap, SQLMap, and ZAP, utilizing Claude and GPT
Barracuda hosts Dhaka roundtable on cyber resilience
CISA Alerts Fortinet Users as FortiBleed Affects 86,644 FortiGate Devices
The breach hit the cloud system of the Commission’s Europa.eu site. Member states use this site to host websites and publications for the bloc’s institutions and agencies.
CERT-EU said that at least 29 more EU groups might be affected, and many internal European Commission clients could also have data stolen. The stolen data was then posted online by another hacking group, the notorious ShinyHunters.
A ShinyHunters member told TechCrunch in a chat that they exfiltrated some data from TeamPCP, which had stolen it before, and then shared it.
CERT-EU said that the breach started on March 19 when hackers got a secret API key from the European Commission’s AWS account. This happened after a hack on the open-source tool Trivy. The Commission accidentally downloaded a bad version of Trivy after it was breached, which let the hackers steal the API key and access data in the Commission’s AWS account.
While the service said it’s still analyzing the data published online, close to 52,000 files contain sent email messages. CERT-EU said the majority of these emails are automated with little to no content, but emails that bounced back with an error “may contain the original user-submitted content, posing a risk of personal data exposure.”
CERT-EU said it is already in contact with affected organizations.
