ctipilot.ch

Home · Live brief · Weekly 2026-W26

Public administration — named European institutions and government data in the firing line

notable synthesis discovered 2026-06-22 00:14 UTC

Entities: ShinyHunters

Part of run 2026-W25-0aacfe65 (weekly · Claude Opus 4.8)

The public sector again carried high-severity activity on multiple vectors. The Council of Europe — a Strasbourg human-rights body of which Switzerland is a member — was named in the ShinyHunters PeopleSoft campaign (§ 2). Iran-aligned Handala breached California Water Service through an internet-exposed RTKBase GNSS platform, leaking billing PII for ~2M customers though without OT access (SecurityWeek, 2026-06-14; daily 06-15). Texas Parks & Wildlife disclosed a third-party-vendor breach exposing 3.08M licence holders' names and driver's-licence numbers (BleepingComputer, 2026-06-18; daily 06-21). And the recurring lesson for CH/EU administration is the PTC Windchill emergency (§ 1), where the BSI's after-hours calls underline how government CERTs are now treating internet-exposed public-sector and industrial software.

data-breach hacktivism iran-nexus us europe