European Commission’s Data Stolen in Hack on AWS Account

Cyberattack on the European Commission - The European Commission experienced a cyberattack on March 24, which may have led to the theft of internal data, specifically targeting its Amazon Web Services account [1][2] - An internal investigation is currently underway to assess the extent of the breach, although the commission's internal systems were reportedly not affected [2] Nature of the Attack - The attack was attributed to compromised account credentials rather than a breach of Amazon's systems, as confirmed by Amazon Web Services [3] - The hacker claimed to have stolen over 350 gigabytes of data [3] Context of Cybersecurity Threats - Government agencies, particularly in the EU, are increasingly targeted by hackers, with public administration networks accounting for 38% of cyber incidents according to Enisa's annual threat report [2] - Cloud-focused attacks, especially from nation-states, are on the rise, with artificial intelligence accelerating their execution [5] Previous Incidents - In January, the commission detected another incident that may have exposed limited staff contact details, prompting a review of security measures [2] - A recent security incident involved the unauthorized upload of an intercepted WhatsApp call between a high-ranking commission official and a journalist, although both parties stated their devices showed no signs of compromise [4] Statistics on Cloud Incidents - Approximately one-third of cloud incidents are due to account abuse, where attackers log in using stolen credentials [6]