Signal

European Commission cloud breach traced to TeamPCP supply chain attack on Trivy

Evidence first: scan the strongest sources, then decide whether to go deeper.

Published 2026-04-03 06:34 UTCUpdated 2026-04-03 20:17 UTC

rss

cveexploitsbreachesmalwarethreat_actorsadvisories

Source links open

Source links and full evidence are open here. Archive history, compare-over-time, alerts, exports, API, integrations, and workflow are paid.

Back Evidence (5)Get the free brief by email Start free trial

No card needed for the free brief.

Evidence trail (top sources)

top sources (4 domains)

4 top sources shown

Multiple EU entities impacted by European Commission breach, CERT-EU says

SC Media · News · scworld.com · 2026-04-03 20:17 UTC

EU cyber agency attributes major data breach to TeamPCP hacking group

The Record (Recorded Future News) · News · therecord.media · 2026-04-03 18:15 UTC

CERT-EU blames Trivy supply chain attack for Europa.eu data breach

CSO Online · News · csoonline.com · 2026-04-03 16:18 UTC

TeamPCP Supply Chain Campaign: Update 006 - CERT-EU Confirms European Commission Cloud Breach, Sportradar Details Emerge, and Mandiant Quantifies Campaign at 1,000+ SaaS Environ...

SANS Internet Storm Center (Handler's Diary) · News · isc.sans.edu · 2026-04-03 13:18 UTC

View all evidence

Overview

CERT-EU has attributed a significant data breach affecting the European Commission's cloud infrastructure to a supply chain attack on Aqua Security's Trivy vulnerability scanner by the hacking group TeamPCP.

Entities

Aqua SecurityTrivy

Score total

1.38

Momentum 24h

5

Posts

5

Origins

5

Source types

1

Duplicate ratio

0%

Why now

The breach was disclosed in early April 2026 following forensic analysis by CERT-EU.
The incident is part of an ongoing TeamPCP supply chain campaign affecting over 1,000 SaaS environments.
Immediate response and mitigation efforts are critical to prevent further data exposure and attacks.

Why it matters

Supply chain attacks on security tools can lead to widespread breaches across critical infrastructure.
The breach exposed personal data of EU officials and users across multiple European Union entities.
Highlights the importance of securing cloud credentials and monitoring for unauthorized access.

LLM analysis

Topic mix: lowPromo risk: lowSource quality: medium

Recurring claims

The European Commission cloud breach was caused by a supply chain attack on Aqua Security's Trivy vulnerability scanner.
The hacking group TeamPCP is responsible for the European Commission data breach.
Approximately 340-350 GB of data, including personal information from multiple EU entities, was stolen and leaked.

How sources frame it

CERT-EU: neutral

All evidence

All evidence

Multiple EU entities impacted by European Commission breach, CERT-EU says

SC Media · scworld.com · 2026-04-03 20:17 UTC

EU cyber agency attributes major data breach to TeamPCP hacking group

The Record (Recorded Future News) · therecord.media · 2026-04-03 18:15 UTC

CERT-EU blames Trivy supply chain attack for Europa.eu data breach

CSO Online · csoonline.com · 2026-04-03 16:18 UTC

TeamPCP Supply Chain Campaign: Update 006 - CERT-EU Confirms European Commission Cloud Breach, Sportradar Details Emerge, and Mandiant Quantifies Campaign at 1,000+ SaaS Environ...

SANS Internet Storm Center (Handler's Diary) · isc.sans.edu · 2026-04-03 13:18 UTC

Trivy supply chain attack enabled European Commission cloud breach

Help Net Security · helpnetsecurity.com · 2026-04-03 06:34 UTC

Show filters & breakdown

Posts loaded: 0Publishers: 5Origin domains: 5Duplicates: -

Platform

Publisher

Origin domain

Relevance tier

Duplicates only

Showing 5 / 0

Top publishers (this list)

SC Media (1)
The Record (Recorded Future News) (1)
CSO Online (1)
SANS Internet Storm Center (Handler's Diary) (1)
Help Net Security (1)

Top origin domains (this list)

scworld.com (1)
therecord.media (1)
csoonline.com (1)
isc.sans.edu (1)
helpnetsecurity.com (1)