The European Commission is investigating a breach after finding evidence that its mobile device management platform was hacked. The Commission said on Friday that it detected traces of a cyberattack targeting infrastructure that manages its staff’s mobile devices.
While the attackers may have accessed some staff members’ personal information, including names and phone numbers, the Commission has not yet found evidence that their mobile devices were compromised.
“On 30 January, the European Commission’s central infrastructure managing mobile devices identified traces of a cyber-attack, which may have resulted in access to staff names and mobile numbers of some of its staff members,” it said.
“The Commission’s swift response ensured the incident was contained and the system cleaned within 9 hours. No compromise of mobile devices was detected.”
The breach comes on the heels of the Commission’s proposal of new cybersecurity legislation on January 20 to strengthen defenses against state-backed and cybercrime groups targeting critical infrastructure.
Although the Commission has not disclosed how attackers gained access to the mobile device management platform, the incident appears to be linked to similar attacks targeting European institutions that exploit vulnerabilities in Ivanti Endpoint Manager Mobile software.
The Dutch Data Protection Authority and the Council for the Judiciary notified Parliament on Friday that their systems had been recently hacked in nearly identical breaches. They also confirmed the attackers exploited Ivanti EPMM vulnerabilities to access employee names, business email addresses, and telephone numbers.
“On January 29, the National Cyber Security Center (NCSC) was informed by the supplier of vulnerabilities in EPMM. EPMM is used to manage mobile devices, apps, and content, including their security,” the Dutch authorities said.
“It is now known that work-related data of AP employees, such as names, business email addresses, and telephone numbers, have been accessed by unauthorized persons.”
Ivanti, which provides enterprise mobility management software to many government and corporate clients worldwide, warned on January 29 of two critical vulnerabilities (CVE-2026-1281 and CVE-2026-1340) in Ivanti Endpoint Manager Mobile (EPMM) that were exploited in zero-day attacks.
The two security flaws are code-injection vulnerabilities that allow remote attackers to execute arbitrary code on unpatched devices without authentication.
A European Commission spokesperson was not immediately available for comment when contacted by BleepingComputer earlier today.
Modern IT infrastructure moves faster than manual workflows can handle.
In this new Tines guide, learn how your team can reduce hidden manual delays, improve reliability through automated response, and build and scale intelligent workflows on top of tools you already use.