European Commission breached through AWS cloud account - 350GB of data reportedly stolen

Hackers broke into the European Commission's Amazon Web Services account and reportedly stole over 350GB of data, including databases and employee information. The breach was discovered on March 24 and affected the cloud infrastructure hosting Europa.eu websites. The Commission says its internal systems weren't impacted. The attacker isn't demanding ransom - they plan to publish the data instead.

Check

Review your organization's AWS account security, especially IAM policies and access keys.

Affected

Any AWS account using static credentials, weak IAM policies, or missing MFA on privileged accounts.

Fix

Enforce MFA on all AWS accounts. Rotate access keys regularly. Audit IAM permissions for least-privilege. Enable CloudTrail for all regions.