EU Parliament Suffers A Major Attack

Uploaded on 2020-05-19 in TECHNOLOGY--Hackers, INTELLIGENCE--Europe, FREE TO VIEW

The European Parliament has been the victim of a major data breach that has meant that private data of more than a thousand staff and members of the European Parliament have been exposed online. The files available online contain passwords, job descriptions and other personal information. 

The fact that the incident appears to have been discovered not by the institution itself, but by Shadowmap, an Indian cyber security company, raises some serious EU security questions. 

It comes a decade after a major breach, reportedly initiated in China, the details of which have never been made fully public.
Shadowmap founder, Yash Kadakia, told the news website Politico that it had discovered files containing data such as passwords, job descriptions and other personal information via an internet portal that is part of the Parliament’s domain and is used by its officials. It is believed that the data, which had been taken offline, related to the European Peoples' Party (EPP), the largest political group in the European Parliament.

Kadakia, said his group had found a major data breach. and was able to easily access data and passwords from members. and after reieving a denial from the Parliamnet denied the claims went on to reveal more details of the alleged breach. 

The unprotected data also includes information of thousands of people with links to political parties and institutions, including members of EU agencies and authorities like law enforcement agency Europol, the European Data Protection Supervisor, border agency Frontex and others, Kadakia said.

The exposed data also includes 15,000+ users including journalists, members of a number of political parties and institutions.
Marcel Kolaja, the Parliament's vice president for IT policy, confirmed to Politico that data included 1,200 accounts of elected officials and staff, along with another 15,000 other accounts of EU affairs professionals, 

The information came from a system that had been run under the European Parliament’s official europarl.eu domain, Kolaja said, but the data had not been hosted by the institution itself.

EU Today:       Business Insurance:        Express

You Might Also Read: 

Iran Responsible  For Cyber Attack On British Parliament:

German Politicians Suffer Mass Hacking:

Australian Parliament Hacked:

 

 

« Hackers Will Publish President Trump's Secret Data
Nine Million EasyJet Customers Hacked »

Perimeter 81
Cyrin

Real Attacks. Real Tools. Real Scenarios.
Schedule a demo

Sign Up: Cyber Security Intelligence Newsletter

Directory of Suppliers

Cylance Smart Antivirus

Cylance Smart Antivirus

An antivirus that works smarter, not harder, from BlackBerry. Lightweight, non-intrusive protection powered by artificial intelligence. BUY NOW - LIMITED DISCOUNT OFFER.

BackupVault

BackupVault

BackupVault is a leading provider of completely automatic, fully encrypted online, cloud backup.

CSI Consulting Services

CSI Consulting Services

Get Advice From The Experts: * Training * Penetration Testing * Data Governance * GDPR Compliance. Connecting you to the best in the business.

Perimeter 81

Perimeter 81

Perimeter 81 is a Zero Trust Network as a Service designed to simplify secure network, cloud and application access for the modern and distributed workforce.

CYRIN

CYRIN

CYRIN® Cyber Range. Real Tools, Real Attacks, Real Scenarios. See why leading educational institutions and companies in the U.S. have begun to adopt the CYRIN® system.

ZenGRC

ZenGRC

ZenGRC - the first, easy-to-use, enterprise-grade information security solution for compliance and risk management - offers businesses efficient control tracking, testing, and enforcement.

Authentic8

Authentic8

Authentic8 transforms how organizations secure and control the use of the web with Silo, its patented cloud browser.

Tresorit

Tresorit

Tresorit helps teams to collaborate securely and easily by protecting their data with end-to-end encryption.

Mega

Mega

Mega is a secure cloud data storage provider with browser-based high-performance end-to-end encryption.

Wehowsky.com

Wehowsky.com

We specialize in developing innovative solutions to detect cyber threats in near real time by looking for suspicious anomalies in computer networks.

IoT European Research Cluster (IERC)

IoT European Research Cluster (IERC)

IERC brings together EU-funded projects with the aim of defining a common vision for IoT technology and development research challenges.

National Cyber Security Centre (NCSC) Switzerland

National Cyber Security Centre (NCSC) Switzerland

The National Cyber Security Centre is Swizerland's competence centre for cybersecurity and the first contact point for businesses, public administrations, and the public for cyber issues.

Hacker House

Hacker House

Hacker House teaches you what hackers can learn about your business and systems so that preventative solutions to protect your assets can be applied through active measures.

DNeX

DNeX

DNeX IT & eServices offers enterprise security solutions, managed security services and advisory services.

NoLeak

NoLeak

The NoLeak DeepAuth platform uses scientific-proven techniques to learn the unique behaviors of online users and continuously authenticate them.

AppGuard

AppGuard

AppGuard prevents breaches by blocking applications from performing inappropriate processes using our patented dynamic isolation and inheritance technologies.

GBT Technologies

GBT Technologies

GBT Technologies is a technology company focused on chip design and software to enable IoT, global mesh networks, and for applications relating to artificial intelligence.

Deduce

Deduce

Deduce use a combination of aggregate historical user data, identity risk intelligence, and proactive alerting to deliver a robust identity and authentication solution.