EU Parliament Suffers A Major Attack

The European Parliament has been the victim of a major data breach that has meant that private data of more than a thousand staff and members of the European Parliament have been exposed online. The files available online contain passwords, job descriptions and other personal information. 

The fact that the incident appears to have been discovered not by the institution itself, but by Shadowmap, an Indian cyber security company, raises some serious EU security questions. 

It comes a decade after a major breach, reportedly initiated in China, the details of which have never been made fully public.
Shadowmap founder, Yash Kadakia, told the news website Politico that it had discovered files containing data such as passwords, job descriptions and other personal information via an internet portal that is part of the Parliament’s domain and is used by its officials. It is believed that the data, which had been taken offline, related to the European Peoples' Party (EPP), the largest political group in the European Parliament.

Kadakia, said his group had found a major data breach. and was able to easily access data and passwords from members. and after reieving a denial from the Parliamnet denied the claims went on to reveal more details of the alleged breach. 

The unprotected data also includes information of thousands of people with links to political parties and institutions, including members of EU agencies and authorities like law enforcement agency Europol, the European Data Protection Supervisor, border agency Frontex and others, Kadakia said.

The exposed data also includes 15,000+ users including journalists, members of a number of political parties and institutions.
Marcel Kolaja, the Parliament's vice president for IT policy, confirmed to Politico that data included 1,200 accounts of elected officials and staff, along with another 15,000 other accounts of EU affairs professionals, 

The information came from a system that had been run under the European Parliament’s official europarl.eu domain, Kolaja said, but the data had not been hosted by the institution itself.

EU Today:       Business Insurance:        Express

You Might Also Read: 

Iran Responsible  For Cyber Attack On British Parliament:

German Politicians Suffer Mass Hacking:

Australian Parliament Hacked:

 

 

« Hackers Will Publish President Trump's Secret Data
Nine Million EasyJet Customers Hacked »

CyberSecurity Jobsite
Perimeter 81

Directory of Suppliers

Clayden Law

Clayden Law

Clayden Law are experts in information technology, data privacy and cybersecurity law.

Cyber Security Supplier Directory

Cyber Security Supplier Directory

Our Supplier Directory lists 6,000+ specialist cyber security service providers in 128 countries worldwide. IS YOUR ORGANISATION LISTED?

Practice Labs

Practice Labs

Practice Labs is an IT competency hub, where live-lab environments give access to real equipment for hands-on practice of essential cybersecurity skills.

CYRIN

CYRIN

CYRIN® Cyber Range. Real Tools, Real Attacks, Real Scenarios. See why leading educational institutions and companies in the U.S. have begun to adopt the CYRIN® system.

XYPRO Technology

XYPRO Technology

XYPRO is the market leader in HPE Non-Stop Security, Risk Management and Compliance.

Landry Consulting

Landry Consulting

Landry & Associates is a multidisciplinary firm specializing in risk management, performance and technology management.

European Internet Forum (EIF)

European Internet Forum (EIF)

EIF’s mission is to help provide European political leadership for the political, economic and social challenges of the worldwide digital transformation.

Council on Foreign Relations (CFR)

Council on Foreign Relations (CFR)

CFR is dedicated to better understanding the world and the foreign policy choices facing the USA and other countries. Cyber security is covered within the CFR topic areas.

Technology Association of Georgia (TAG)

Technology Association of Georgia (TAG)

TAG's mission is to educate, promote, influence and unite Georgia's technology community to stimulate and enhance Georgia's tech-based economy.

VTT Technical Research Centre of Finland

VTT Technical Research Centre of Finland

VTT is the leading research and technology company in the Nordic countries. Areas of activity include cyber security.

NetExtend

NetExtend

NetExtend services include backup and recovery, endpoint protection, network monitoring, cloud portal and billing and payment solutions.

Achtwerk

Achtwerk

Achtwerk manufacture the security appliance IRMA for critical infrastructures and networked automation in production plants.

Cyber Security Academy (CSA)

Cyber Security Academy (CSA)

CSA organizes cyber security training with leading cyber security professionals who share their knowledge and expertise, as well as help develop your skills in training labs.

Miratech

Miratech

Miratech is a global IT services and consulting organization offering a full range of IT infrastructure solutions and services including cyber security.

GlassSquid

GlassSquid

glasssquid.io simplifies your cyber security job search. We want to help you find your next perfect fit opportunity by removing the confusion.

Prompt

Prompt

Prompt supports the creation of partnerships and the setting up of industrial-institutional applied R&D projects for all ICT sectors.

Cysiv

Cysiv

Cysiv SOC-as-a-Service combines all the elements of an advanced, proactive, threat hunting SOC, with a managed security stack for hybrid cloud, network, and endpoint security.

About Cyber Security.

About Cyber Security.

About Cybersecurity provides a galaxy-wide knowledge base of cybersecurity tactics and techniques derived from actual experience.

Duality Technologies

Duality Technologies

Duality Technologies combine Advanced Cryptography with Data Science to deliver High-Performance Privacy-Protecting Computing to Regulated Industries.

International Association of Security Awareness Professionals (IASAP)

International Association of Security Awareness Professionals (IASAP)

IASAP provides a members-only virtual sharing platform where security awareness professionals engage in a lively, year-round exchange of information and ideas.

RankedRight

RankedRight

RankedRight empowers security teams to take immediate action on their most critical risks.