The European Commission has confirmed that it swiftly contained a cyberattack targeting its central infrastructure for managing mobile devices, after suspicious activity was
detected on 30 January.
According to the Commission, the incident may have led to unauthorised access to staff names and mobile phone numbers belonging to a limited number of employees. Crucially, there is no evidence that individual mobile devices were compromised. The affected system was isolated, cleaned, and secured within nine hours of the initial detection.
Commission officials stressed that the institution treats the security and resilience of its internal IT systems as a top priority. Monitoring of the situation is ongoing, and a full review of the incident is underway to strengthen future defences and improve response capabilities.
The episode comes as European institutions face a growing volume of cyber and hybrid threats targeting essential services, public administrations, and democratic institutions. Against this backdrop, the Commission reaffirmed its commitment to reinforcing the EU’s overall cybersecurity resilience and preparedness.
Stronger EU cyber defences already underway
Cybersecurity across EU institutions is coordinated by CERT-EU, the central cybersecurity service supporting all EU bodies and agencies. CERT-EU operates around the clock, providing continuous threat monitoring, automated alerts, and rapid incident response to neutralise vulnerabilities before they can be exploited.
This work is overseen by the Interinstitutional Cybersecurity Board (IICB), which coordinates policy, enforces high common security standards, and ensures strict cyber-hygiene rules are applied consistently across the EU administration.
Earlier this year, on 20 January 2026, the Commission unveiled a new Cybersecurity Package designed to further strengthen the Union’s collective digital defences. A key component of the package is the proposed Cybersecurity Act 2.0, which introduces a Trusted ICT Supply Chain framework aimed at reducing risks linked to high-risk technology suppliers.
These initiatives build on existing legislation, including the NIS2 Directive, which establishes a common legal framework for cybersecurity across 18 critical sectors in the EU. NIS2 also requires Member States to develop national cybersecurity strategies and enhance cooperation at EU level, particularly in responding to cross-border incidents.
Complementing this, the Cyber Solidarity Act seeks to boost operational cooperation through the European Cyber Shield and a Cyber Emergency Mechanism. Together, these tools are designed to ensure the EU can detect, respond to, and recover from large-scale cyber threats with speed, coordination, and collective strength. Photo by jaydeep_, Wikimedia commons.