MEP Alvise Pérez (NI) has submitted a written parliamentary question to the European Commission demanding answers about a cyberattack that compromised personal data from the Commission's cloud infrastructure. The attack, confirmed by the Commission on 27 March 2026, exposed names, usernames, and email addresses from Europa.eu websites, potentially affecting users across multiple EU entities. Pérez is pressing for the number of individuals and entities impacted, why the breach was not detected in time, and who will face consequences for the security failure.
The question, filed on 29 April 2026 under Rule 144, targets the Commission's responsibility for protecting its own systems. Pérez asks three concrete points: the scale of the data compromise, the failure to block the exfiltration, and accountability for political and technical decision-makers. The reference to CERT-EU's findings indicates that the breach involved a significant volume of data.
Pérez's question signals a push for greater transparency and accountability in EU cybersecurity. The Commission is expected to reply within six weeks, and its answer will indicate whether it will disclose the full extent of the breach and take corrective measures. The incident raises concerns for EU citizens whose data may be exposed, as well as for the Commission's credibility in safeguarding sensitive information. The lack of prior coverage on this topic means the question serves as the first formal parliamentary scrutiny of the event.
← Atlas › News › Digital & Communication