EU Parliament Suffers A Major Attack

The European Parliament has been the victim of a major data breach that has meant that private data of more than a thousand staff and members of the European Parliament have been exposed online. The files available online contain passwords, job descriptions and other personal information. 

The fact that the incident appears to have been discovered not by the institution itself, but by Shadowmap, an Indian cyber security company, raises some serious EU security questions. 

It comes a decade after a major breach, reportedly initiated in China, the details of which have never been made fully public.
Shadowmap founder, Yash Kadakia, told the news website Politico that it had discovered files containing data such as passwords, job descriptions and other personal information via an internet portal that is part of the Parliament’s domain and is used by its officials. It is believed that the data, which had been taken offline, related to the European Peoples' Party (EPP), the largest political group in the European Parliament.

Kadakia, said his group had found a major data breach. and was able to easily access data and passwords from members. and after reieving a denial from the Parliamnet denied the claims went on to reveal more details of the alleged breach. 

The unprotected data also includes information of thousands of people with links to political parties and institutions, including members of EU agencies and authorities like law enforcement agency Europol, the European Data Protection Supervisor, border agency Frontex and others, Kadakia said.

The exposed data also includes 15,000+ users including journalists, members of a number of political parties and institutions.
Marcel Kolaja, the Parliament's vice president for IT policy, confirmed to Politico that data included 1,200 accounts of elected officials and staff, along with another 15,000 other accounts of EU affairs professionals, 

The information came from a system that had been run under the European Parliament’s official europarl.eu domain, Kolaja said, but the data had not been hosted by the institution itself.

EU Today:       Business Insurance:        Express

You Might Also Read: 

Iran Responsible  For Cyber Attack On British Parliament:

German Politicians Suffer Mass Hacking:

Australian Parliament Hacked:

 

 

« Hackers Will Publish President Trump's Secret Data
Nine Million EasyJet Customers Hacked »

CyberSecurity Jobsite
Perimeter 81

Directory of Suppliers

BackupVault

BackupVault

BackupVault is a leading provider of automatic cloud backup and critical data protection against ransomware, insider attacks and hackers for businesses and organisations worldwide.

Cyber Security Supplier Directory

Cyber Security Supplier Directory

Our Supplier Directory lists 6,000+ specialist cyber security service providers in 128 countries worldwide. IS YOUR ORGANISATION LISTED?

DigitalStakeout

DigitalStakeout

DigitalStakeout enables cyber security professionals to reduce cyber risk to their organization with proactive security solutions, providing immediate improvement in security posture and ROI.

NordLayer

NordLayer

NordLayer is an adaptive network access security solution for modern businesses — from the world’s most trusted cybersecurity brand, Nord Security. 

Syxsense

Syxsense

Syxsense brings together endpoint management and security for greater efficiency and collaboration between IT management and security teams.

Perforce Software

Perforce Software

Perforce helps companies build complex software products more collaboratively, securely, and efficiently.

Mellanox Technologies

Mellanox Technologies

Mellanox Technologies is a leading supplier of end-to-end Ethernet and InfiniBand intelligent interconnect solutions and services for servers, storage, and hyper-converged infrastructure.

AFCERT

AFCERT

AFCERT is the national Computer Emergency Response Team for Afghanistan.

PakCERT

PakCERT

PakCERT is the national Computer Emergency Response Team for Pakistan.

SQNetworks

SQNetworks

SQNetworks provides a full range of cybersecurity consultancy, services and solutions.

SKOUT Secure Intelligence

SKOUT Secure Intelligence

SkOUT Secure Intelligence (formerly Oxford Solutions) provides cyber security monitoring services to organizations around the globe.

WetStone Technologies

WetStone Technologies

WetStone develops software solutions that support investigators and analysts engaged in eCrime Investigation, eForensics and incident response activities.

Cyber Defense Initiative Conference (CDIC)

Cyber Defense Initiative Conference (CDIC)

Cyber Defense Initiative Conference (CDIC) is one of the most distinguished Cybersecurity, Privacy and Information Security Conference in Thailand and Southeast Asia.

Quokka

Quokka

Quokka (formerly Kryptowire) is the source for mobile security and privacy solutions, staying steps ahead of the threat and delivering peace of mind.

Polyrize

Polyrize

The Polyrize continuous authorization platform for SaaS and IaaS stops tomorrow's public cloud cyber threats, today.

MCPc

MCPc

MCPc improves the security and well-being of our clients. We protect data, manage the complexity and sustainability of technology, empower employee performance, and ultimately reduce business risk.

Sprint Networks

Sprint Networks

Sprint Networks is a trusted compliance and risk program advisor which deliver cost-effective technology to reduce enterprise-wide risk.

Nonprofit Cyber

Nonprofit Cyber

Nonprofit Cyber is a first-of-its-kind coalition of global nonprofit organizations to enhance joint action to improve cybersecurity.

Netgo

Netgo

Netgo group meet the requirements of a complex, digitized world with IT consulting, IT solutions & services, managed & cloud services and software products & development.

Corsearch

Corsearch

Combining AI-powered technology and decades of industry expertise, Corsearch is revolutionizing how companies establish and protect their brands.

Keytos

Keytos

Keytos has revolutionized the Identity Management and PKI industry by creating cryptographic tools that allow you to go password-less by making security transparent to the user.