The **Council of Europe**, a leading human rights organization representing 46 member states and over 700 million people, confirmed it is looking into the claims. "We are currently investigating the matter and assessing the situation. We have no further comment to make at this stage," a spokesperson for the Council of Europe's media department stated. ### ShinyHunters' Claims and Demands **ShinyHunters** announced the alleged breach on their dark web leak site over the weekend. The group claims to have stolen more than 429,000 documents, encompassing a wide array of sensitive information from various Council departments.  The stolen data reportedly includes: * Over 409,000 payslips for more than 10,000 staff, spanning from 2011 to 2026. * More than 3,700 in-house personnel files. * Over 14,000 CVs. * Other assorted files. The group asserts that these documents contain highly personal and financial details, such as names, dates of birth, home addresses, phone numbers, employee IDs, salaries, bank account details, tax and Social Security information, and even medical records. **ShinyHunters** issued a stark warning, demanding contact by June 16, 2026, before threatening to leak the exfiltrated files and cause "several annoying (digital) problems." ### A Pattern of High-Profile Attacks This alleged breach aligns with **ShinyHunters**' recent track record of targeting prominent organizations and service providers. Over the past year, the group has claimed responsibility for a series of significant data theft campaigns. Notably, they have targeted **Salesforce** customers, boasting of stealing over 1.5 billion records through breaches affecting hundreds of companies via **Salesforce Aura** and **Salesloft Drift** campaigns. **ShinyHunters** was also implicated in attacks against over a dozen **Snowflake** customers and other third-party integration providers, highlighting their focus on supply chain vulnerabilities. More recently, the group claimed a new data theft campaign impacting over 100 organizations, including the **University of Nottingham**. This campaign reportedly exploited a zero-day vulnerability in **Oracle**'s **PeopleSoft** enterprise business software suite, demonstrating their capability to leverage critical software flaws for data exfiltration.