CERT-EU: European Commission hack exposes data of 30 EU entities

TeamPCP compromised an AWS API key stolen from the Trivy supply-chain attack to breach the European Commission's cloud environment on March 10, exposing 90GB of data including personal information and emails from 42 Commission clients and 29+ other EU entities now leaked on the dark web. If your organization uses AWS and pulled compromised Trivy versions, your credentials may be at risk. Verify API key rotation and audit cloud access logs for unauthorized activity.

CRITICALAdvisoryApr 04, 2026

Action required

Audit all AWS API keys and service account credentials for creation dates around the Trivy compromise window. Rotate any keys created or last rotated before March 10. Search CloudTrail logs for API calls from unfamiliar source IPs and disabled MFA sessions.

Affected products

Amazon Web ServicesEuropean CommissionLiteLLM

Linked articles

CERT-EU: European Commission hack exposes data of 30 EU entities

Source links

https://www.bleepingcomputer.com/news/security/cert-eu-european-commission-hack-exposes-data-of-30-eu-entities/