EU Parliament Suffers A Major Attack

Uploaded on 2020-05-19 in TECHNOLOGY--Hackers, INTELLIGENCE--Europe, FREE TO VIEW

The European Parliament has been the victim of a major data breach that has meant that private data of more than a thousand staff and members of the European Parliament have been exposed online. The files available online contain passwords, job descriptions and other personal information. 

The fact that the incident appears to have been discovered not by the institution itself, but by Shadowmap, an Indian cyber security company, raises some serious EU security questions. 

It comes a decade after a major breach, reportedly initiated in China, the details of which have never been made fully public.
Shadowmap founder, Yash Kadakia, told the news website Politico that it had discovered files containing data such as passwords, job descriptions and other personal information via an internet portal that is part of the Parliament’s domain and is used by its officials. It is believed that the data, which had been taken offline, related to the European Peoples' Party (EPP), the largest political group in the European Parliament.

Kadakia, said his group had found a major data breach. and was able to easily access data and passwords from members. and after reieving a denial from the Parliamnet denied the claims went on to reveal more details of the alleged breach. 

The unprotected data also includes information of thousands of people with links to political parties and institutions, including members of EU agencies and authorities like law enforcement agency Europol, the European Data Protection Supervisor, border agency Frontex and others, Kadakia said.

The exposed data also includes 15,000+ users including journalists, members of a number of political parties and institutions.
Marcel Kolaja, the Parliament's vice president for IT policy, confirmed to Politico that data included 1,200 accounts of elected officials and staff, along with another 15,000 other accounts of EU affairs professionals, 

The information came from a system that had been run under the European Parliament’s official europarl.eu domain, Kolaja said, but the data had not been hosted by the institution itself.

EU Today:       Business Insurance:        Express

You Might Also Read: 

Iran Responsible  For Cyber Attack On British Parliament:

German Politicians Suffer Mass Hacking:

Australian Parliament Hacked:

 

 

« Hackers Will Publish President Trump's Secret Data
Nine Million EasyJet Customers Hacked »

ManageEngine
CyberSecurity Jobsite
Check Point
Cyrin

Real Attacks. Real Tools. Real Scenarios.
Schedule a demo

Sign Up: Cyber Security Intelligence Newsletter

Directory of Suppliers

Authentic8

Authentic8

Authentic8 transforms how organizations secure and control the use of the web with Silo, its patented cloud browser.

Syxsense

Syxsense

Syxsense brings together endpoint management and security for greater efficiency and collaboration between IT management and security teams.

The PC Support Group

The PC Support Group

A partnership with The PC Support Group delivers improved productivity, reduced costs and protects your business through exceptional IT, telecoms and cybersecurity services.

Directory of Cyber Security Suppliers

Directory of Cyber Security Suppliers

Our Supplier Directory lists 8,000+ specialist cyber security service providers in 128 countries worldwide. IS YOUR ORGANISATION LISTED?

ManageEngine

ManageEngine

As the IT management division of Zoho Corporation, ManageEngine prioritizes flexible solutions that work for all businesses, regardless of size or budget.

SecureAuth

SecureAuth

SecureAuth delivers cutting edge identity and information security solutions for cloud, mobile, web, and VPN systems.

CEPS

CEPS

CEPS is a leading think tank and forum for debate on EU affairs, ranking among the top think tanks in Europe. Topic areas include Innovation, Digital economy and Cyber-security.

Bugcrowd

Bugcrowd

As leaders in crowdsourced security testing, Bugcrowd connects companies and their applications to a crowd of tens of thousands of security researchers to identify critical software vulnerabilities.

Digital Guardian

Digital Guardian

Digital Guardian is a next generation data protection platform designed to stop data theft.

Forter

Forter

Forter provides new generation fraud prevention to meet the challenges faced by modern enterprise e-commerce.

QA

QA

QA is a leading IT training provider in the UK with over 1,500 courses covering all areas of IT including Cyber Security.

Blake, Cassels & Graydon (Blakes)

Blake, Cassels & Graydon (Blakes)

Blakes is one of Canada’s top business law firms serving national and international clients in specialist areas including cyber security.

Accel

Accel

Accel is a leading venture capital firm that invests in people and their companies from the earliest days through all phases of private company growth. Areas of focus include cybersecurity.

Quzara

Quzara

Quzara provides trusted advisory services and highly adaptive cybersecurity services to federal, commercial and Defense Industrial Base customers to meet their security compliance and cyber needs.

Cylab - Carnegie Mellon University

Cylab - Carnegie Mellon University

Carnegie Mellon University CyLab is the University's security and privacy research institute.

Chugach Government Solutions (CGS)

Chugach Government Solutions (CGS)

CGS performs work for the Federal Government across 4 unique core lines of business, including: Facilities Management and Maintenance, Construction, Technical IT and Cyber Services, and Educational Se

Hook Security

Hook Security

Setting a new standard in security awareness. Hook Security is a people-first company that uses psychological security training to help companies create security-aware culture.

Gomboc.ai

Gomboc.ai

Gomboc solve cloud infrastructure security policy deviations by providing tailored remediations to the IaC (Infrastructure as Code).

Apollo Secure

Apollo Secure

Apollo is an automated cybersecurity platform for startups and small businesses to achieve and maintain security compliance.

Veracity Trust Network

Veracity Trust Network

Veracity Trust Network safeguards organisations from the threat of bot attacks on their public facing platforms.

Soteria Communications

Soteria Communications

Soteria Communications supports clients to prepare for and manage crises, with a focus on cyber incidents.