The extortion outfit ShinyHunters has reportedly infiltrated the Council of Europe, claiming to have extracted nearly 300 gigabytes of sensitive data. This breach, if confirmed, poses a significant risk to the security of Europe’s foremost human rights body.
The Council of Europe, established in 1949 to promote human rights, democracy, and the rule of law, consists of 46 member nations, including 27 from the European Union. This institution also serves as an official observer for the United Nations. On Sunday, ShinyHunters listed the Council on its Tor-based leak site, threatening to make the stolen data public if not contacted by June 16 for negotiations.
Data Allegedly Compromised in the Breach
According to ShinyHunters, the compromised data encompasses more than 429,000 files from several departments. These include the Human Resources division, the Secretariat, the Parliamentary Assembly, and the European Directorate for the Quality of Medicines & HealthCare. The documents reportedly contain payroll details for over 10,000 Council employees, spanning from 2011 to 2026, alongside more than 14,000 CVs, and various contract and purchase order records.
The hacking group further claims that the stolen information includes personal and sensitive employee data, such as names, identification numbers, addresses, phone numbers, dates of birth, tax details, social security numbers, and medical records.
Potential Repercussions and Official Response
The Council of Europe has acknowledged the situation, stating, “We are currently investigating the matter and assessing the situation. We have no further comment to make at this stage.” This response was issued after an inquiry by SecurityWeek. The potential release of such vast sets of sensitive data could have far-reaching implications for the affected individuals and the organization.
ShinyHunters: A History of Cyber Intrusions
Since mid-2025, ShinyHunters has been associated with numerous high-profile cyber intrusions, often targeting Salesforce clients, among them Carnival, Canvas, Grafana, CarGurus, and Panera Bread. Recently, Google acknowledged that ShinyHunters exploited a zero-day vulnerability in Oracle PeopleSoft, potentially affecting around 100 organizations.
This latest claim against the Council of Europe underscores the persistent threat posed by cybercriminal groups like ShinyHunters, highlighting the importance of robust cybersecurity measures and international cooperation in combating such threats.
