ShinyHunters Claims Council of Europe HR Data, Threatens Leak
The cyber extortion group ShinyHunters claims to have stolen 297GB of sensitive data from the Council of Europe, including payroll records, medical information, and resumes spanning 16 years, and is threatening to leak it by June 16, 2026 unless demands are met. The Council of Europe has not confirmed the breach and is investigating the claims, while security researchers remain on alert due to the group's history of high-profile attacks.
The cyber extortion group ShinyHunters claims to have exfiltrated 297GB of sensitive data from the Council of Europe, including payroll records, medical information, employee data, and over 14,000 resumes collected since 2011. The group posted details on its data leak site, stating the stolen files span multiple departments such as human resources, the Secretariat, and the European Directorate for the Quality of Medicines & HealthCare (EDQM). According to the claim, the data includes payroll information for over 10,000 employees, performance evaluations, contracts, purchase orders, absence reports, and medical records, as well as 409,000 payslips and 3,700 personal files containing names, dates of birth, IDs, addresses, phone numbers, tax information, and Social Security data. The group has given the Council of Europe until June 16, 2026, to comply with ransom demands or risk having the data exposed online. This follows a familiar extortion tactic used by ShinyHunters, which advertises breaches and imposes deadlines to pressure victims into negotiations before releasing stolen data. The Council of Europe has not confirmed the breach and is currently investigating the matter, leaving key questions unanswered about the authenticity of the data, the method of access, and whether any information has already been shared. ShinyHunters has been linked to multiple high-profile data breaches this year, including attacks on Oracle customers and other major organizations, lending credibility to its claims. Security researchers are monitoring the situation closely, though the incident remains unconfirmed until the Council of Europe responds or the group releases the data. The threat highlights the growing trend of data theft and public leak threats as leverage in modern ransomware-style extortion campaigns. The claim underscores a broader trend of European organizations becoming prime targets for cyber extortion groups. Recent incidents, such as the University of Nottingham data breach affecting over 450,000 students, further illustrate the vulnerability of institutions across the continent. Until verification or a data dump occurs, the Council of Europe’s response will determine whether this claim escalates into a confirmed breach.
This content was automatically generated and/or translated by AI. It may contain inaccuracies. Please refer to the original sources for verification.