The Alleged Breach and ShinyHunters’ Demands
The Council of Europe is investigating claims by the ShinyHunters extortion group, which stated it stole over 429,000 documents from the organization. The group posted a warning on its dark web leak site, demanding contact by June 16, 2026, or it would release the data along with additional disruptive actions. The allegedly stolen files include more than 409,000 payslips for over 10,000 staff members spanning from 2011 to 2026, along with thousands of personnel files, CVs, and other records containing names, addresses, bank account details, tax information, and medical records.
The Council’s Response and Ongoing Investigation
The Council of Europe, which represents 46 European member states and over 700 million people, confirmed it is actively investigating the matter. A spokesperson for the organization’s media department stated they are assessing the situation but declined further comment. The incident follows a pattern of ShinyHunters targeting major organizations, including previous claims of breaches affecting Salesforce customers, Snowflake clients, and most recently, over 100 organizations exploiting a zero-day vulnerability in Oracle’s PeopleSoft software.
