EU Institutions Struck by Major Cyber Attack

April 7, 2021 by Alberto Nardelli and Natalia Drozdiak

A range of European Union institutions including the European Commission were hit by a significant cyber attack last week.

A spokesperson for the commission said that a number of EU bodies “experienced an IT security incident in their IT infrastructure.” The spokesperson said forensic analysis of the incident is still in its initial phase and that it’s too early to provide any conclusive information about the nature of the attack.

“We are working closely with CERT-EU, the Computer Emergency Response Team for all EU institutions, bodies and agencies and the vendor of the affected IT solution,” the spokesperson said. “Thus far, no major information breach was detected.”

The attack was serious enough for senior officials at the commission to be alerted, according to a person familiar with the matter. The same person said the incident was bigger than the usual attacks that regularly hit the EU. Another EU official said that staff had recently been warned about potential phishing attempts.

Western institutions have uncovered at least two serious cyber attacks recently.

The European Banking Authority disclosed last month that its systems may have been compromised following an attack on Microsoft Corp.’s email software that was linked to China and exposed the data of tens of thousands of organizations, according to cyber-security experts. The U.S. government was hit by suspected Russian cyber attackers last year after systems at The SolarWinds Corp. were breached.