ShinyHunters Claims Council of Europe Hack

The extortion group threatens to leak 297 GB of data allegedly stolen from the Council of Europe, including employee personal information. The post ShinyHunters Claims Council of Europe Hack appeared first on SecurityWeek .

SecurityWeek reports that the ShinyHunters extortion group claims to have breached the Council of Europe and exfiltrated roughly 297 GB of data, including payroll records, HR files, bank details, tax and social security information, and even medical data for more than 10,000 employees, though the organization has only confirmed that an investigation is underway.[2][3] Other outlets similarly describe unverified but detailed claims of access to HR and payroll systems and hundreds of thousands of sensitive documents.[4][7] From a CyberSE.AI perspective, this incident highlights the systemic risk of bulk exposure of highly sensitive personal and financial data that could later be ingested into or accessed via AI systems, amplifying risks such as secondary identity theft, highly targeted spearphishing, extortion, and model or agent misuse based on compromised datasets. Organizations handling comparable HR and financial data should conduct an AI Security Readiness Assessment to map where such data may intersect with current or planned AI workloads, tighten access controls and logging, and ensure incident response and data governance policies explicitly cover the downstream use of breach