Home / Early Warning / Cybersecurity Highlights / Leaked sensitive information from the European Parliament

Leaked sensitive information from the European Parliament

05/15/2020

Security researcher Yash Kadakia, through his digital risk management platform ShadowMap, identified a massive data leak in the European Parliament (EP). After notifying the institution of the incident, MEP Marcel Kolaja, EP Vice President and head of Technological Affairs, assured that the leak is not related to a system administered by any institution of the European Union (EU) and does not contain data on the same.

In the official report of the incident, collected by the Escudo Digital media, it is explained that ShadowMap managed to access a backup of the obsolete database of the European People's Party (EPP), exposed on an external subcontractor server called Actency. The only sensitive information obtained was 2925 passwords, but they were encrypted and salted (password protection method in which random data is used to encrypt them).