Secretariat of the Council of Europe, EDQM and Parliamentary Assembly of the Council of Europe: ShinyHunters Claims Theft of 297GB of Council of Europe Data, ...

Secretariat of the Council of Europe, EDQM and Parliamentary Assembly of the Council of Europe: ShinyHunters Claims Theft of 297GB of Council of Europe Data, ...

ShinyHunters Claims Massive Data Breach at Council of Europe, Threatens Leak by 16 June

The cybercrime group ShinyHunters has asserted responsibility for a significant breach targeting the Council of Europe, threatening to release 297GB of allegedly stolen data unless its demands are met by 16 June 2026. The group claims the exfiltrated dataset includes 429,000 files, spanning records from 2011 to 2026, with potential exposure for over 10,000 current and former employees, contractors, and job applicants.

According to posts on the group’s dark web "pay-or-leak" portal, the compromised data encompasses HR, payroll, and financial records from multiple Council of Europe entities, including the Secretariat, Human Resources Directorate, Parliamentary Assembly, EDQM, and payroll administration. The stolen files reportedly contain 409,000 payslips, 14,000 CVs, and 3,700 internal HR documents, alongside salary details, bank account information, tax records, social security data, and personal identifiers such as names, addresses, and contact details.

Cybersecurity experts warn that if the claims are verified, the exposed data could fuel phishing attacks, identity theft, financial fraud, and social engineering campaigns. The breach may impact permanent and temporary staff, HR personnel, interpreters, institutional partners, and job applicants.

While ShinyHunters has provided detailed assertions, the full scope and authenticity of the breach remain unconfirmed, with no independent verification of the data’s volume or sensitivity. As the 16 June deadline approaches, the incident has heightened concerns across European institutions regarding the potential fallout from a large-scale data leak.

Source: https://www.ibtimes.sg/shinyhunters-claims-theft-297gb-council-europe-data-threatens-leak-429000-files-87935

Secretariat of the Council of Europe TPRM report: https://www.rankiteo.com/company/council-of-europe

EDQM TPRM report: https://www.rankiteo.com/company/council-of-europe

Parliamentary Assembly of the Council of Europe TPRM report: https://www.rankiteo.com/company/council-of-europe

"id": "cou1781521412",
"linkid": "council-of-europe",
"type": "Breach",
"date": "6/2026",
"severity": "100",
"impact": "4",
"explanation": "Attack with significant impact with customers data leaks"
{'affected_entities': [{'customers_affected': '10,000+ (current and former '
                                              'employees, contractors, job '
                                              'applicants, HR personnel, '
                                              'interpreters, institutional '
                                              'partners)',
                        'industry': 'Government/Public Sector',
                        'location': 'Europe',
                        'name': 'Council of Europe',
                        'type': 'Intergovernmental Organization'}],
 'data_breach': {'data_exfiltration': 'Yes (297GB of data)',
                 'number_of_records_exposed': '429,000 files',
                 'personally_identifiable_information': ['Names',
                                                         'Addresses',
                                                         'Contact details',
                                                         'Bank account '
                                                         'information',
                                                         'Tax records',
                                                         'Social security '
                                                         'data'],
                 'sensitivity_of_data': 'High (salary details, bank account '
                                        'information, tax records, social '
                                        'security data, personal identifiers)',
                 'type_of_data_compromised': ['HR records',
                                              'Payroll records',
                                              'Financial records',
                                              'Payslips',
                                              'CVs',
                                              'Internal HR documents']},
 'description': 'The cybercrime group ShinyHunters has asserted responsibility '
                'for a significant breach targeting the Council of Europe, '
                'threatening to release 297GB of allegedly stolen data unless '
                'its demands are met by 16 June 2026. The group claims the '
                'exfiltrated dataset includes 429,000 files, spanning records '
                'from 2011 to 2026, with potential exposure for over 10,000 '
                'current and former employees, contractors, and job '
                'applicants. The compromised data encompasses HR, payroll, and '
                'financial records from multiple Council of Europe entities, '
                'including the Secretariat, Human Resources Directorate, '
                'Parliamentary Assembly, EDQM, and payroll administration. The '
                'stolen files reportedly contain 409,000 payslips, 14,000 CVs, '
                'and 3,700 internal HR documents, alongside salary details, '
                'bank account information, tax records, social security data, '
                'and personal identifiers such as names, addresses, and '
                'contact details.',
 'impact': {'brand_reputation_impact': 'Heightened concerns across European '
                                       'institutions',
            'data_compromised': '297GB of data, 429,000 files',
            'identity_theft_risk': 'High (phishing, identity theft, financial '
                                   'fraud, social engineering)',
            'payment_information_risk': 'High (bank account information '
                                        'exposed)'},
 'investigation_status': 'Unconfirmed (authenticity and scope unverified)',
 'motivation': 'Extortion (Pay-or-leak)',
 'ransomware': {'data_exfiltration': 'Yes'},
 'references': [{'source': 'ShinyHunters dark web portal'}],
 'threat_actor': 'ShinyHunters',
 'title': 'ShinyHunters Claims Massive Data Breach at Council of Europe, '
          'Threatens Leak by 16 June',
 'type': 'Data Breach'}
Great! Next, complete checkout for full access to Rankiteo Blog.
Welcome back! You've successfully signed in.
You've successfully subscribed to Rankiteo Blog.
Success! Your account is fully activated, you now have access to all content.
Success! Your billing info has been updated.
Your billing was not updated.