In a new report, CERT-EU also reported that the hackers stole around 92 gigabytes of compressed data from a compromised Amazon Web Services (AWS) account used by the bloc's executive, the European Commission, which included personal data containing names, email addresses, and the contents of emails. While the size of the data breach is itself notable, the cyber agency's attribution blaming two separate hacking groups for the same incident is unusual. A member of ShinyHunters told TechCrunch in an online chat that they had stolen some of the data that TeamPCP had previously taken in earlier attacks, and then leaked it. CERT-EU said that the breach originated on March 19 when hackers acquired a secret API key associated with the European Commission's AWS account, following an earlier hack targeting the open source security tool Trivy. The Commission inadvertently downloaded a copy of the compromised Trivy tool following the project's recent breach, allowing the hackers to steal its...
learn more
