Executive Vice-President Henna Virkkunen, in a written answer on 23 June 2026, acknowledged a cyberattack on the Commission's Drupal cloud hosting service that compromised data from 39 internal clients and 18 other EU entities, and outlined steps to improve security. The answer, responding to a question from MEP Alvise Pérez (NI) submitted on 29 April 2026, confirmed that attackers exploited compromised credentials from Aqua Security to deploy a malicious version of the Trivy security scanner, enabling them to steal credentials and evade detection temporarily. Virkkunen stated that the breach occurred outside Commission-monitored systems and that affected entities, as independent operational controllers, are conducting their own risk assessments. The Commission is collaborating with CERT-EU and other bodies to strengthen cybersecurity, with lessons from the incident informing future improvements. The answer did not specify the number of individuals affected or announce any consequences for decision-makers, as requested by Pérez. The Commission's response focuses on technical remediation and cooperation rather than accountability measures, signalling a continued emphasis on system upgrades over personnel changes.
Source✉ Open answer ↗
Asked byAlvise Pérez (NI) · answered by Henna Virkkunen