EU investigating ‘IT security incident’ involving multiple agencies

The scope and nature of the incident were not immediately clear.
European Union flags sit outside the EU headquarters. (Getty)

Cybersecurity experts at the European Union are investigating an “IT security incident” involving multiple institutions, though “no major information breach” has been detected, EU officials said Tuesday.

The scope and nature of the incident were not immediately clear, but a spokesperson for the European Commission, the EU’s executive branch, said the commission had set up a “24/7 monitoring service” in response to the incident.

“The European Commission and other EU institutions, bodies or agencies have experienced an IT security incident in their IT infrastructure,” the commission spokesperson said in an email.

A spokesperson for the European Parliament said the parliament and other EU bodies had “received an alert on [a] possible vulnerability in its IT infrastructure.” The parliament “took immediate measures to check and protect its servers against this vulnerability,” the spokesperson said.


As a 27-country bloc that affects trade and foreign policy on the continent, EU institutions are natural targets for hackers of all stripes. A 2018 alleged Chinese hacking operation targeted the cables of European diplomats, private sector researchers claimed then.

More recently, in December, unidentified hackers breached the European medicines regulator, which oversees the rollout of coronavirus vaccines.  

The commission is working with CERT-EU, the bloc’s office for responding to hacking incidents, and the IT vendor whose software is involved in the incident, the commission spokesperson said. The spokesperson did not identify the IT vendor.

“At this stage, it is too early to provide any conclusive information relating to the attack vector and scope of the incident,” the statement reads.

EU employees were recently warned internally about phishing attempts, Bloomberg News reported, citing an official familiar with the matter.

Sean Lyngaas

Written by Sean Lyngaas

Sean Lyngaas is CyberScoop’s Senior Reporter covering the Department of Homeland Security and Congress. He was previously a freelance journalist in West Africa, where he covered everything from a presidential election in Ghana to military mutinies in Ivory Coast for The New York Times. Lyngaas’ reporting also has appeared in The Washington Post, The Economist and the BBC, among other outlets. His investigation of cybersecurity issues in the nuclear sector, backed by a grant from the Pulitzer Center on Crisis Reporting, won plaudits from industrial security experts. He was previously a reporter with Federal Computer Week and, before that, with Smart Grid Today. Sean earned a B.A. in public policy from Duke University and an M.A. in International Relations from The Fletcher School of Law and Diplomacy at Tufts University.

Latest Podcasts