The European Commission has found traces of a cyberattack in the IT infrastructure used for managing mobile endpoints. The Dutch government has identified a similar hack within its own environment. Employee data was stolen.
Both the European Commission and the Dutch government were victims of a cyberattack in late January. Criminals were able to break into the software that the agencies use to manage mobile endpoints. In the Netherlands, the Ivanti Endpoint Manager Mobile (EPMM) is named, and it appears that the same software was also cracked at the European level.
Ivanti warned on January 29th of two critical zero-day vulnerabilities in EPMM. Attackers could use these to execute their own code. It appears that hackers have gained access to EPMM, where they were then able to steal employee data.
Names and telephone numbers
In the case of the commission, the names and mobile phone numbers of some employees have been stolen. The European Commission reports that the entire system was cleaned up within nine hours. Moreover, there are no indications of a hack of mobile devices themselves.
In the Netherlands, attackers have viewed the names, business email addresses, and telephone numbers of employees of the Dutch Data Protection Authority and the Council for the Judiciary.
The European Commission also reports that the incident is being thoroughly investigated. The hack is also being further investigated within the Dutch government.
Not the first time for Ivanti
This is not the first time that the Ivanti Endpoint Manager Mobile has come under fire. In May of last year, it came to light that Chinese hackers were able to penetrate organizations worldwide via a vulnerability in EPMM. Ivanti was also the target of hackers via various bugs in 2024.