Information about more than a thousand staff and members of the European Parliament has been exposed to what a key lawmaker called a "major data breach." This is reported by Politico.
The data includes 1,200 accounts of elected officials and staff, along with another 15,000 other accounts of EU affairs professionals, Marcel Kolaja, the Parliament's vice president for IT policy.
The exposed information (“a huge amount of data”) includes sensitive information and encrypted passwords, he added.
It comes from a system that had been run under the European Parliament’s official "europarl.eu" domain, Kolaja said, but the data had not been hosted by the institution itself.
“The system in question is a system run by one particular political group and it was data by that political group," Kolaja said, "and they were immediately made aware of that incident.”
Kolaja declined to say which political group was affected. But information about the affected server suggested that it is the European People’s Party (EPP), the largest political faction in the Parliament.
EPP group spokesperson Pedro López de Pablo confirmed in an email that a database containing email addresses and passwords had been exposed.
However, he added, that database was outdated and only contained information "used by the people who [were] subscribed to our old website back in 2018." That website is no longer in use after the group launched a new website in January 2019, López de Pablo said.
Both the EPP's "servers and the current database have not been exposed," López de Pablo wrote.