The European Union’s cybersecurity agency has blamed a notorious hacker group called TeamPCP for the recent data breach at the EU's executive body. Around 92 gigabytes of compressed data, including personal information and email contents, were stolen from an AWS account used by the bloc's institutions.

The hack affected the cloud infrastructure of the Commission’s Europa.eu platform, impacting member states who use it to host websites and publications of the EU’s institutions. At least 29 other EU entities may have been compromised as well.

The stolen data was later published online by another hacking group known as ShinyHunters. CERT-EU reports that close to 52,000 files contain sent email messages, with a significant number having little to no content. Emails that bounced back with an error might pose a risk of personal data exposure.

The breach was traced back to the Commission inadvertently downloading a copy of a compromised open source security tool called Trivy. Hackers then used this access to pivot and obtain sensitive data stored in the Commission’s AWS account, following an earlier hack targeting Trivy.

While CERT-EU is still analyzing the published data, it has already contacted affected organizations. The revelation comes amid growing concerns over cybercriminals working together to extort their victims through supply chain attacks on open source security projects.