#ShinyHunters Claims Major Data Breach at Council of Europe, Affecting 10,000 Staff Members

The hacking group ShinyHunters has claimed responsibility for a significant data breach at the Council of Europe, alleging access to personnel and salary records for approximately 10,000 employees. According to the cybercriminals, around 297 gigabytes of data were stolen, comprising more than 429,000 individual files.

#The Breach and Stolen Data

ShinyHunters posted the Council of Europe on their darknet leak site, claiming to have accessed the organization's personnel and payroll systems. The group provided a detailed inventory of allegedly stolen documents, which includes:

• Approximately 409,000 salary records spanning the past 15 years
• More than 14,000 CVs and résumés
• 3,700 personnel files
• 10,700 additional documents containing contract records, travel reimbursements, interpreter schedules, 2026 salary tables, duty rosters, absence and sick leave reports, bank account details, payroll data, performance evaluations, and salary exports

The Council of Europe, which represents 46 European nations and focuses on human rights, democracy, and rule of law, has not yet officially confirmed the breach. The organization is distinct from the European Union, though both use the same flag.

#Risks to Affected Employees

Security researchers from Cybernews warn that the disclosure of this specific data poses severe risks to the compromised individuals. The stolen information enables criminals to construct comprehensive victim profiles for malicious purposes. Compromised data allegedly includes:

• Full names and employee identification numbers
• Home addresses and telephone numbers
• Birth dates and salary levels
• Bank account details and tax information
• Social security data and medical reports

The combination of financial data, addresses, and sensitive medical information creates opportunities for targeted extortion, identity theft, and financial fraud. Security experts anticipate an initial wave of fraudulent calls and emails impersonating human resources departments or financial institutions.

Additionally, since Council of Europe staff work on sensitive human rights cases, there is a risk that threat actors could weaponize this private information to apply pressure or intimidate employees.

#ShinyHunters' Track Record

ShinyHunters has been active since 2019 and is known for conducting extensive attacks against major brands and institutions. In recent weeks alone, the group claimed responsibility for breaches affecting Ralph Lauren, Madison Square Garden Sports, and retail chain JCPenney.

In March 2026, ShinyHunters also claimed to have compromised the European Commission, allegedly stealing approximately 350 gigabytes of data. Security researchers link the group to a larger criminal network that includes Scattered Spider and Lapsus$. Despite criminal arrests in Canada, France, Turkey, and Finland, these operations have not resulted in a permanent halt to ShinyHunters' activities.