After finding evidence that its mobile device management platform was hacked, the European Commission has announced it is investigating a data breach affecting its staff.
The Commission said in a statement that it detected signs of a cyberattack targeting infrastructure that manages its staff’s mobile devices.
“On 30 January, the European Commission's central infrastructure managing mobile devices identified traces of a cyber-attack, which may have resulted in access to staff names and mobile numbers of some of its staff members,” it said.
However, the Commission added that it has not yet found any evidence that its employees’ mobile devices were compromised.
The statement sounds almost cheerful: “The Commission’s swift response ensured the incident was contained and the system cleaned within 9 hours. No compromise of mobile devices was detected.”
Of course, the realization most often comes later when the attackers try to blackmail organizations using the stolen data or attempt to sell it on the dark web.
Still, it’s quite ironic that the breach comes soon after the Commission proposed new cybersecurity legislation to strengthen defenses against state-backed and cybercrime groups targeting critical infrastructure.
Although the proposal does not name specific companies, EU officials have expressed concerns about Chinese tech firms such as Huawei and ZTE. Russian state-sponsored operations are also very active.
Essentially, the new cybersecurity package would grant the Commission authority to prepare EU-wide risk assessments and support restrictions or bans on certain equipment used in sensitive infrastructure.
The incident seems related to similar attacks targeting European institutions and exploiting vulnerabilities in Ivanti Endpoint Manager Mobile software, used to manage mobile devices, apps, and content.
The Commission doesn’t say how the attackers gained access to the mobile device management platform, but the incident seems related to similar attacks targeting European institutions and exploiting vulnerabilities in Ivanti Endpoint Manager Mobile software, used to manage mobile devices, apps, and content.
Last week, an unauthorized party accessed the data of the Dutch Data Protection Authority employees, exploiting a known flaw in Ivani Endpoint Manager Mobile.
Ivanti recently released security updates for two vulnerabilities that are being actively exploited by hackers: CVE-2026-1281 and CVE-2026-1340.
These exploits allow unauthenticated users to perform a remote code execution on unpatched servers, providing persistent access to the system and letting attackers steal data or gain control over the system.
Unlock more exclusive Cybernews content on YouTube.
Your email address will not be published. Required fields are markedmarked