Company Details
european-commission
41,562
2,433,673
92
europa.eu
0
EUR_2644357
In-progress


European Commission Vendor Cyber Rating & Cyber Score
europa.eu
The Commission represents and upholds the interests of the EU as a whole, and is independent of national governments. The European Commission prepares legislation for adoption by the Council (representing the member countries) and the Parliament (representing the citizens). It administers the budget and the policy programmes (agriculture, fisheries, research etc.) in cooperation with authorities in the member countries. Visit http://www.europa.eu/ if you want to learn more about the EU, or call the free service number 00 800 6789 10 11 from anywhere in the EU, they speak all 24 official languages. Disclaimer: The European Commission is working to ensure that social networks respect the highest standards of data protection. All users of social networks should be particularly careful about how they disclose their personal information and about how it may be used by third parties and the social network themselves. The presence of the European Commission on LinkedIn does not mean that we endorse or in any way agree with the privacy policy or practices of this professional social media network. Read more about our social media policy → europa.eu/!dyJq74
Between 700 and 749

European Commission Global Score (TPRM)XXXX

Title: EU Commission’s Europa Web Platform Hit by Cyberattack, Data Likely Stolen
Description: On March 24, the European Commission confirmed a cyberattack targeting its cloud infrastructure hosting the Europa web platform, a key portal for EU communications and services. The incident, detected and contained swiftly, is under investigation, with early findings indicating that data was exfiltrated from affected websites. The Commission stated that internal systems remained unaffected, though it did not disclose the scope of the stolen data or attribute the attack to any group or individual. The breach follows a pattern of rising cyber threats against EU institutions, with no further details provided on potential motives or methods used. The attack was publicly disclosed on March 27, as the Commission continues to assess the full impact. No disruption to critical operations has been reported. The incident underscores ongoing vulnerabilities in public-sector digital infrastructure amid geopolitical tensions.
Title: EU Commission Investigates Cloud Breach After Threat Actor Steals 350GB of Data
Description: The European Commission is probing a security breach after a threat actor infiltrated its Amazon cloud infrastructure, gaining access to sensitive employee data. While the EU’s executive body has not publicly acknowledged the incident, sources confirmed to *BleepingComputer* that at least one account managing the compromised cloud environment was affected. The attack was swiftly detected, prompting the Commission’s cybersecurity incident response team to launch an investigation. The threat actor, who claimed responsibility, told *BleepingComputer* they exfiltrated over 350GB of data including multiple databases and provided screenshots as proof of access to employee information and an internal email server. Unlike typical ransomware attacks, the actor stated they have no plans to extort the Commission but intend to leak the data online at a later date. This breach follows a separate incident in January, when the Commission disclosed a hack of its mobile device management platform, linked to vulnerabilities in Ivanti Endpoint Manager Mobile (EPMM) software. Similar attacks targeted other European institutions, including Finland’s Valtori and the Dutch Data Protection Authority. The incidents coincide with heightened cybersecurity concerns in the EU. In January, the Commission proposed new legislation to bolster defenses against state-backed cyber threats, while the Council of the European Union recently sanctioned three Chinese and Iranian firms for cyberattacks on critical infrastructure.
Title: EU Commission Detects Cyberattack on Mobile Device Management Systems
Description: On January 30, CERT-EU, the European Commission’s cybersecurity team, identified a cyberattack targeting the Commission’s IT infrastructure, specifically systems used for mobile device management. The incident was swiftly contained, with affected systems restored within nine hours. While no mobile devices were compromised, CERT-EU confirmed that hackers may have accessed personal data of some European Commission staff, including names and phone numbers. The agency is conducting a full review to strengthen cybersecurity measures and prevent future breaches. The European Commission emphasized its commitment to securing internal systems, framing the response as part of a broader EU initiative to bolster cybersecurity across all institutions. This effort aligns with the recently introduced Cybersecurity Package, announced on January 20, aimed at enhancing resilience against growing cyber and hybrid threats targeting critical services and democratic institutions. The incident follows recent cybersecurity breaches affecting other European entities, including the European Space Agency and major firms targeted by access system vulnerabilities.
Description: The European Parliament website faced a sophisticated cyber attack. It disrupted its services moments after members voted to declare Russia a state sponsor of terrorism. There is a strong indication that it is from Killnet, the hackers with links to Russia.


European Commission has 94.81% more incidents than the average of same-industry companies with at least one recorded incident.
European Commission has 156.41% more incidents than the average of all companies with at least one recorded incident.
European Commission reported 3 incidents this year: 2 cyber attacks, 0 ransomware, 0 vulnerabilities, 1 data breach, compared to industry peers with at least 1 incident.
European Commission cyber incidents detection timeline including parent company and subsidiaries



The European Union's key data privacy regulators have said that they support streamlining compliance and reporting requirements under plans...
The EU Commission warns of rising state‑backed cyber threats and proposes strict new CSA2 supply chain rules requiring scrutiny of vendors'...
A security breach at the European Commission has enabled a threat actor to steal hundreds of gigabytes of data from its Amazon cloud...
European Commission department chiefs and their deputies were told to stop gabbing on the encrypted app following a series of cyberattacks...
The European Commission has announced it will help fund Ukrainian innovation with €20 million for 41 promising start-ups and small and...
If you want to make further contribution, you can do so until 28 November 2023 on the Have your Say portal. Have your Say. On the 13th of September 2023,...
European Commission suffered a cyberattack targeting the cloud infrastructure behind its Europa.eu platform, data was stolen and...
The European Commission – the same regulatory body that slaps big fines on tech heavyweights like Apple and Meta and issues AI safety...
The European Commission has launched an investigation into a breach of its AWS cloud environment after a threat actor claimed to have stolen...

Explore insights on cybersecurity incidents, risk posture, and Rankiteo's assessments.
The official website of European Commission is https://commission.europa.eu.
According to Rankiteo, European Commission’s AI-generated cybersecurity score is 747, reflecting their Moderate security posture.
According to Rankiteo, European Commission currently holds 0 security badges, indicating that no recognized compliance certifications are currently verified for the organization.
According to Rankiteo, European Commission has been affected by multiple supply chain cyber incidents. The affected supply chain sources and their corresponding incident IDs are:
According to Rankiteo, European Commission is not certified under SOC 2 Type 1.
According to Rankiteo, European Commission does not hold a SOC 2 Type 2 certification.
According to Rankiteo, European Commission is not listed as GDPR compliant.
According to Rankiteo, European Commission does not currently maintain PCI DSS compliance.
According to Rankiteo, European Commission is not compliant with HIPAA regulations.
According to Rankiteo, European Commission is not certified under ISO 27001, indicating the absence of a formally recognized information security management framework.
European Commission operates primarily in the Government Administration industry.
European Commission employs approximately 41,562 people worldwide.
European Commission presently has no subsidiaries across any sectors.
European Commission’s official LinkedIn profile has approximately 2,433,673 followers.
European Commission is classified under the NAICS code 92, which corresponds to Public Administration.
No, European Commission does not have a profile on Crunchbase.
Yes, European Commission maintains an official LinkedIn profile, which is actively utilized for branding and talent engagement and can be accessed here: https://www.linkedin.com/company/european-commission.
As of April 02, 2026, Rankiteo reports that European Commission has experienced 4 cybersecurity incidents.
European Commission has an estimated 12,424 peer or competitor companies worldwide.
Incident Types: The types of cybersecurity incidents that have occurred include Breach and Cyber Attack.
Detection and Response: The company detects and responds to cybersecurity incidents through an incident response plan (activated: yes), containment measures (incident swiftly contained; swift containment), remediation measures (affected systems restored), recovery measures (systems restored within nine hours), enhanced monitoring (full review to strengthen cybersecurity measures), and a communication strategy (limited public acknowledgment).
Title: Cyber Attack on European Parliament Website
Description: The European Parliament website faced a sophisticated cyber attack. It disrupted its services moments after members voted to declare Russia a state sponsor of terrorism. There is a strong indication that it is from Killnet, the hackers with links to Russia.
Type: Cyber Attack
Threat Actor: Killnet
Motivation: Political
Title: Cyberattack on EU Commission Mobile Device Management Systems
Description: CERT-EU detected a cyberattack targeting the European Commission’s IT infrastructure, specifically systems used for mobile device management. The incident was contained, and affected systems were restored within nine hours. Hackers may have accessed personal data of some European Commission staff, including names and phone numbers.
Date Detected: 2024-01-30
Date Publicly Disclosed: 2024-01-30
Type: Cyberattack
Title: EU Commission Cloud Breach: Threat Actor Steals 350GB of Data
Description: The European Commission is investigating a security breach after a threat actor infiltrated its Amazon cloud infrastructure, gaining access to sensitive employee data. The threat actor exfiltrated over 350GB of data, including multiple databases and employee information, with plans to leak it online.
Type: Data Breach
Attack Vector: Cloud Infrastructure Compromise
Motivation: Data Exfiltration (Non-Ransomware)
Title: EU Commission’s Europa Web Platform Hit by Cyberattack, Data Likely Stolen
Description: On March 24, the European Commission confirmed a cyberattack targeting its cloud infrastructure hosting the Europa web platform, a key portal for EU communications and services. The incident, detected and contained swiftly, is under investigation, with early findings indicating that data was exfiltrated from affected websites. The Commission stated that internal systems remained unaffected, though it did not disclose the scope of the stolen data or attribute the attack to any group or individual. The breach follows a pattern of rising cyber threats against EU institutions, with no further details provided on potential motives or methods used.
Date Detected: 2024-03-24
Date Publicly Disclosed: 2024-03-27
Type: Data Breach
Common Attack Types: The most common type of attack the company has faced is Cyber Attack.

Systems Affected: European Parliament website

Data Compromised: Personal data of some European Commission staff, including names and phone numbers
Systems Affected: Mobile device management systems
Downtime: 9 hours
Operational Impact: Systems restored within nine hours
Identity Theft Risk: Potential risk due to exposure of personal data

Data Compromised: 350GB of data, including databases and employee information
Systems Affected: Amazon cloud infrastructure, internal email server
Brand Reputation Impact: Potential reputational damage to the European Commission
Identity Theft Risk: High (employee data exposed)

Data Compromised: Yes
Systems Affected: Europa web platform (cloud infrastructure)
Operational Impact: No disruption to critical operations reported
Commonly Compromised Data Types: The types of data most commonly compromised in incidents are Personal data, Databases, Employee Information and Internal Email Server Data.

Entity Name: European Parliament
Entity Type: Government
Industry: Governmental
Location: Europe

Entity Name: European Commission
Entity Type: Government
Industry: Public Sector
Location: European Union
Customers Affected: European Commission staff

Entity Name: European Commission
Entity Type: Government Institution
Industry: Public Sector
Location: European Union
Size: Large
Customers Affected: Employees

Entity Name: European Commission
Entity Type: Government
Industry: Public Sector
Location: European Union

Incident Response Plan Activated: Yes
Containment Measures: Incident swiftly contained
Remediation Measures: Affected systems restored
Recovery Measures: Systems restored within nine hours
Enhanced Monitoring: Full review to strengthen cybersecurity measures

Incident Response Plan Activated: Yes
Communication Strategy: Limited public acknowledgment

Incident Response Plan Activated: Yes
Containment Measures: Swift containment
Incident Response Plan: The company's incident response plan is recorded as activated (Yes) for each of the three incidents listed above.

Type of Data Compromised: Personal data
Sensitivity of Data: Names and phone numbers
Personally Identifiable Information: Names and phone numbers

Type of Data Compromised: Databases, Employee information, Internal email server data
Sensitivity of Data: High (employee data, internal communications)
Data Exfiltration: Yes (350GB exfiltrated)
Personally Identifiable Information: Yes

Data Exfiltration: Yes
Prevention of Data Exfiltration: The company takes the following measures to prevent data exfiltration: Affected systems restored.
Handling of PII Incidents: The company handles incidents involving personally identifiable information (PII) through the following measures: incident swiftly contained and swift containment.

Ransom Demanded: No
Ransom Paid: No
Data Encryption: No
Data Exfiltration: Yes
Data Recovery from Ransomware: The company recovers data encrypted by ransomware through Systems restored within nine hours.

Lessons Learned: Need to strengthen cybersecurity measures to prevent future breaches

Recommendations: Enhance resilience against growing cyber and hybrid threats targeting critical services and democratic institutions
Key Lessons Learned: The key lessons learned from past incidents are Need to strengthen cybersecurity measures to prevent future breaches.
Implemented Recommendations: The company has implemented the following recommendations to improve cybersecurity: Enhance resilience against growing cyber and hybrid threats targeting critical services and democratic institutions.

Source: CERT-EU

Source: BleepingComputer

Source: European Commission
Additional Resources: Stakeholders can find additional resources on cybersecurity best practices from the following sources: CERT-EU, BleepingComputer and European Commission.

Investigation Status: Ongoing

Investigation Status: Ongoing

Investigation Status: Ongoing
Communication of Investigation Status: The company communicates the status of incident investigations to stakeholders through Limited public acknowledgment.

Stakeholder Advisories: Commitment to securing internal systems as part of broader EU cybersecurity initiatives
Advisories Provided: The company provides the following advisories to stakeholders and customers following an incident: Commitment to securing internal systems as part of broader EU cybersecurity initiatives.

Corrective Actions: Full review to strengthen cybersecurity measures
Post-Incident Analysis Process: The company's process for conducting post-incident analysis is described as Full review to strengthen cybersecurity measures.
Corrective Actions Taken: The company has taken the following corrective actions based on post-incident analysis: Full review to strengthen cybersecurity measures.
Ransom Payment History: The company has Paid ransoms in the past.
Last Ransom Demanded: The amount of the last ransom demanded was No.
Last Attacking Group: The attacking group in the last incident was Killnet.
Most Recent Incident Detected: The most recent incident detected was on 2024-01-30.
Most Recent Incident Publicly Disclosed: The most recent incident publicly disclosed was on 2024-03-27.
Most Significant Data Compromised: The most significant data compromised in an incident were Personal data of some European Commission staff, including names and phone numbers, 350GB of data, including databases and employee information and Yes.
Most Significant System Affected: The most significant system affected in an incident was European Parliament website.
Containment Measures in Most Recent Incident: The containment measures taken in the most recent incident were Incident swiftly contained and Swift containment.
Most Sensitive Data Compromised: The most sensitive data compromised in a breach were Yes, Personal data of some European Commission staff, including names and phone numbers, and 350GB of data, including databases and employee information.
Highest Ransom Demanded: The highest ransom demanded in a ransomware incident was No.
Highest Ransom Paid: The highest ransom paid in a ransomware incident was No.
Most Significant Lesson Learned: The most significant lesson learned from past incidents was Need to strengthen cybersecurity measures to prevent future breaches.
Most Significant Recommendation Implemented: The most significant recommendation implemented to improve cybersecurity was Enhance resilience against growing cyber and hybrid threats targeting critical services and democratic institutions.
Most Recent Source: The most recent sources of information about an incident are CERT-EU, BleepingComputer and European Commission.
Current Status of Most Recent Investigation: The current status of the most recent investigation is Ongoing.
Most Recent Stakeholder Advisory: The most recent stakeholder advisory issued was Commitment to securing internal systems as part of broader EU cybersecurity initiatives.