European Commission Data Breach: 300GB Stolen in Trivy Supply Chain Attack
Hackers stole over 300GB of data from the European Commission's AWS environment using an API key compromised in the Trivy supply chain attack, exposing personal information for 71 EU entities including 42 Commission clients.
Key Points
- Over 300GB of data stolen from European Commission AWS environment
- Breach linked to TeamPCP group's compromise of Trivy vulnerability scanner on March 19
- Personal data including names, email addresses, and email contents exposed for 71 EU entities
- Same supply chain attack also resulted in theft of Cisco source code
Full Details
The European Commission has confirmed a major data breach linked to the TeamPCP hacking group's compromise of Aqua Security's Trivy vulnerability scanner. Attackers gained access to the Commission's AWS account using an API key that was compromised on March 19 when the Commission inadvertently downloaded a tainted version of the Trivy tool. The breach resulted in the theft of approximately 300GB of data, including personal information such as names, email addresses, and email contents. CERT-EU reported that the exfiltrated data relates to websites hosted for up to 71 clients of the Europa web hosting service: 42 internal clients of the European Commission and at least 29 other Union entities. The same supply chain attack also compromised Cisco, resulting in the theft of portions of the company's source code.
Why It Matters
This breach demonstrates the cascading risks of supply chain attacks on security tools, where a compromise of a single widely-used vulnerability scanner can expose hundreds of organizations. The incident underscores the need for rigorous verification of security tools before deployment and highlights how even security-conscious organizations can be vulnerable through their supply chain.
Get stories like this delivered daily
AI-curated news, personalized to your interests. Zero noise.
Start 7-Day Free Trial →More in Global News
Trump Fires Pam Bondi as Attorney General
President Trump has fired Attorney General Pam Bondi, marking a significant leadership change at the Department of Justice. The firing raises questions about Bondi's tenure and her legacy at the DOJ.
Geopolitical Anxiety Overtakes Economy as Top Barrier to International Travel
A new Travel Weekly survey reveals 72% of U.S. travel advisors report clients postponing or canceling international trips due to global conflicts, nearly doubling from 38% in December and surpassing concerns over inflation (55%) and the economy (42%).
White House Proposes Massive Defense Spending Increase, Lawmakers React
Lawmakers are responding to the White House's substantial defense spending proposal, with reactions ranging from support to criticism regarding the budget request.
Iran War's Economic Impact Felt Across US Economy with Signs of Further Strain Ahead
Americans are experiencing rising costs due to the Iran conflict, with gas prices exceeding $6/gallon in Los Angeles, Amazon adding fuel surcharges to deliveries, and mortgage rates hitting seven-month highs.