The European Commission is investigating a cyberattack that targeted its digital infrastructure earlier this week, raising fresh concerns about the resilience of European institutions

against increasingly sophisticated cyber threats.

The breach was detected on Tuesday and is believed to have affected the Commission’s cloud environment, specifically systems supporting its public-facing websites hosted on the Europa.eu platform. Despite the intrusion, the websites remained operational throughout the incident.

Officials say they moved quickly to contain the attack and secure both services and sensitive data. While early assessments suggest the damage is limited, investigators are still working to determine the full scope of the breach. Other European Union bodies have also been alerted in case the attack spread beyond the Commission’s systems.

Initial findings indicate that the Commission’s internal networks were not compromised.However, there are growing indications that some data may have been exfiltrated. “We will analyse the incident thoroughly and use the findings to further strengthen our cybersecurity capabilities,” the Commission said in a statement.

According to cybersecurity outlet BleepingComputer, the alleged attacker claims to have stolen as much as 350 gigabytes of data, including databases. The individual reportedly shared screenshots with journalists as proof, showing what appears to be internal information related to Commission officials and parts of an email system.

In an unusual twist, the attacker is not said to be seeking a ransom. Instead, they allegedly plan to release the stolen data publicly at a later stage—an approach that aligns with a growing trend of so-called “hack-and-leak” operations.

Context: cyberattacks in Europe on the rise (2024–2026)

This incident comes amid a sharp increase in cyberattacks across Europe over the past two years, targeting both public institutions and critical infrastructure.

In 2024 and 2025, several high-profile attacks exposed vulnerabilities across the continent:

- Government agencies in multiple EU countries faced coordinated phishing and ransomware campaigns, often linked to state-sponsored groups.

- Critical infrastructure—including energy grids and transport systems—was increasingly targeted, particularly following geopolitical tensions related to the war in Ukraine.

- Healthcare systems in countries like Germany and France experienced disruptive ransomware attacks, affecting hospital operations and patient data security.

- The European Parliament itself reported cyber incidents in 2024, highlighting persistent threats to EU institutions.

Security experts note a shift in attacker behavior: instead of simply encrypting data for ransom, many groups now focus on stealing and leaking sensitive information to maximize political or reputational damage.

The latest breach at the European Commission underscores a broader reality—European institutions remain high-value targets in an evolving cyber battlefield. As digital infrastructure becomes more interconnected, the challenge of defending it continues to grow. Photo by B_A, Wikimeedia commons.