The European Commission has confirmed that its central infrastructure managing mobile devices detected traces of a cyberattack, prompting swift containment measures and reinforcing the urgency of new cybersecurity legislation designed to strengthen Europe’s digital resilience.
Cyberattack detected on EU mobile device infrastructure
On January 30, the European Commission identified evidence of a cyber incident affecting the infrastructure used to manage mobile devices for its staff. According to the Commission, the attack may have resulted in access to limited contact data, specifically staff names and mobile phone numbers.
Authorities emphasized that:
- The incident was contained within nine hours
- The affected system was cleaned quickly
- No mobile devices were compromised
The Commission, in an official news statement, said it is taking the breach seriously and will conduct a full review to strengthen its cybersecurity posture. Continuous monitoring remains in place to ensure the integrity of internal systems.
The incident highlights the growing cyber threat landscape facing European institutions and underscores the need for stronger defenses against increasingly sophisticated attacks.
Rising cyber and hybrid threats across Europe
The European Commission warned that Europe faces daily cyber and hybrid attacks targeting essential services and democratic institutions. These threats are often carried out by advanced criminal networks and state-backed actors.
In response, the EU is accelerating efforts to enhance cyber resilience, protect sensitive infrastructure and reduce systemic vulnerabilities across the region.
CERT-EU’s role in defending EU institutions
The cybersecurity incident was handled with the support of CERT-EU, the central cybersecurity service responsible for protecting EU institutions, agencies and bodies.
CERT-EU provides:
- 24/7 threat monitoring
- Automated alert systems
- Rapid incident response capabilities
Its operations are overseen by the Interinstitutional Cybersecurity Board (IICB), which coordinates cybersecurity policies, sets security standards and ensures strict cyber hygiene across EU administration.
EU launches new cybersecurity package
The cyber incident coincides with the European Commission’s announcement of a comprehensive cybersecurity package aimed at strengthening the Union’s collective defenses.
Introduced on January 20, 2026, the package includes the proposed Cybersecurity Act 2.0, which focuses on securing ICT supply chains and improving incident response across the EU.
The initiative builds on several existing frameworks, including:
- The NIS2 Directive
- The Cyber Solidarity Act
- The European Cyber Shield
- The Cyber Emergency Mechanism
Together, these measures aim to improve Europe’s ability to detect, respond to and recover from large-scale cyber threats.
Trusted ICT supply chain framework targets high-risk suppliers
A central pillar of the revised Cybersecurity Act is the creation of a Trusted ICT Supply Chain framework. The initiative aims to mitigate risks linked to high-risk third-country suppliers and reduce dependencies that could expose critical infrastructure to foreign interference.
Key goals include:
- A harmonised, risk-based approach to supply chain security
- Joint risk identification across 18 critical sectors
- Mandatory derisking of European mobile telecom networks from high-risk suppliers
- Alignment with the EU’s 5G security toolbox
The Commission stressed that supply chain security now extends beyond technical risks to include geopolitical and economic considerations.
Simplified cybersecurity certification for products and services
The revised Cybersecurity Act also modernizes the European Cybersecurity Certification Framework (ECCF), designed to ensure products and services are secure by design before reaching EU citizens.
Key improvements include:
- Faster certification scheme development within 12 months
- Simplified procedures and governance
- Greater transparency and stakeholder involvement
- Certification for ICT products, services, processes and managed security services
Managed by ENISA, the certification framework will help businesses demonstrate compliance with EU cybersecurity rules while reducing administrative burden and costs.
The Commission believes this will strengthen trust in Europe’s digital ecosystem and create a competitive advantage for EU companies.
Simplifying compliance for thousands of businesses
The cybersecurity package also introduces targeted amendments to the NIS2 Directive to simplify compliance requirements.
The changes are expected to benefit:
- 28,700 companies overall
- 6,200 micro and small enterprises
- 22,500 small mid-cap companies
The amendments aim to:
- Clarify legal obligations
- Simplify jurisdiction rules
- Streamline ransomware incident reporting
- Improve cross-border supervision through ENISA
These measures complement the Digital Omnibus initiative, which proposes a single entry point for incident reporting.
Strengthening Europe’s cyber resilience
The Commission’s rapid response to the cyberattack and its broader legislative push reflect Europe’s growing focus on cybersecurity as a strategic priority.
By combining stronger regulation, improved coordination and enhanced technical capabilities, the EU aims to protect critical infrastructure, businesses and citizens from an evolving cyber threat landscape.
The latest developments demonstrate that cybersecurity has become central to Europe’s digital sovereignty strategy, with supply chain security, incident response and cross-border cooperation at the heart of the EU’s long-term approach.
BABURAJAN KIZHAKEDATH
