The European Commission said a cyberattack discovered on March 24, 2026 affected the cloud infrastructure that hosts its Europa.eu web platform, which is used for the Commission’s public web presence. According to the Commission’s initial findings, data was extracted from the affected websites, although officials said the incident was contained quickly and that internal Commission systems were not compromised. The full impact is still under investigation.
The incident stands out because the Commission acknowledged publicly that data had been taken, even while saying there was no disruption to core internal systems. It has started notifying potentially affected EU entities and said it is putting additional protective measures in place while investigators work to understand exactly what was accessed and how far the breach spread. At this stage, the Commission has not publicly identified a responsible actor in its official statement.
Author: Jamie Rina