---
title: "Commission MDM Breach, Singapore Cyber Alliance, Senegal DAF Breach | DMARC Report"
description: "European Commission MDM hacked Jan 30, Singapore"
image: "https://dmarcreport.com/og/blog/commission-mdm-breach-singapore-cyber-alliance-senegal-daf-breach.png"
canonical: "https://dmarcreport.com/blog/commission-mdm-breach-singapore-cyber-alliance-senegal-daf-breach/"
---
Quick Answer
The European Commission detected and contained a January 30, 2026 intrusion of its mobile device management platform within 9 hours; CERT-EU is investigating exposure of some staff names and contact numbers. Singapore's Operation Cyber Guardian (about 100 defenders across six agencies) contained APT group UNC3886's July 2025 zero-day campaign against telcos M1, Singtel, StarHub, and Simba. Senegal's DAF briefly suspended national ID card production after an incident with no personal data confirmed compromised, while crypto users lost $12.2M+ in a single address poisoning scam, on top of $50M in similar December 2025 losses.
Related: [Free DMARC Checker](/tools/dmarc-checker/) ·[How to Create an SPF Record](/tools/spf-record-generator/) ·[SPF Record Format](/blog/spf-format-checker-dos-and-donts-for-email-authentication/)
Share
[ ](https://www.linkedin.com/sharing/share-offsite/?url=undefined%2Fblog%2Fcommission-mdm-breach-singapore-cyber-alliance-senegal-daf-breach%2F "Share on LinkedIn") [ ](https://twitter.com/intent/tweet?text=Commission%20MDM%20Breach%2C%20Singapore%20Cyber%20Alliance%2C%20Senegal%20DAF%20Breach&url=undefined%2Fblog%2Fcommission-mdm-breach-singapore-cyber-alliance-senegal-daf-breach%2F "Share on X/Twitter") [ ](https://www.facebook.com/sharer/sharer.php?u=undefined%2Fblog%2Fcommission-mdm-breach-singapore-cyber-alliance-senegal-daf-breach%2F "Share on Facebook") [ ](https://reddit.com/submit?url=undefined%2Fblog%2Fcommission-mdm-breach-singapore-cyber-alliance-senegal-daf-breach%2F&title=Commission%20MDM%20Breach%2C%20Singapore%20Cyber%20Alliance%2C%20Senegal%20DAF%20Breach "Share on Reddit") [ ](mailto:?subject=Commission%20MDM%20Breach%2C%20Singapore%20Cyber%20Alliance%2C%20Senegal%20DAF%20Breach&body=Check out this article: undefined%2Fblog%2Fcommission-mdm-breach-singapore-cyber-alliance-senegal-daf-breach%2F "Share via Email")
> From a product strategy perspective, DMARC reporting is evolving from a security tool to a business intelligence platform, says Brad Slavin, General Manager of DuoCircle. The data in aggregate reports tells you not just who’s spoofing you, but who’s sending legitimate email on your behalf - and whether they’re doing it correctly.
```
DMARC Report
```
Commission MDM Breach, Singapore Cyber Alliance, Senegal DAF Breach
```
```
/
```
```
RSS Feed
```
Share
Link
Embed
```
/\*! This file is auto-generated \*/ ’ title=“Embed Code” class=“input-embed input-embed-38651” readonly/>
```
```
Here’s the bulletin for week 2 in February. Last week focused on [cyberattacks](https://www.aljazeera.com/news/2025/4/15/china-accuses-us-of-launching-cyberattacks-during-asian-winter-games) targeting critical infrastructure, including the European Commission and **Singapore’s telecommunications sector**. Meanwhile, multiple crypto users have fallen prey to address poison scams. Also, the Senegal threat attack managed to disrupt crucial government services, leading to panic and confusion.
## European Commission’s mobile device management platform got hacked!
Cybercrooks managed to break into the mobile device management platform of the European Commission on **30th January**. The [European Commission](https://en.wikipedia.org/wiki/European%5FCommission) jumped into action immediately and discovered that the threat actors were unable to access the mobile devices . They managed to limit the extent of damage. The entire system was cleaned to remove any traces of the cyberattack, all within 9 hours. As of now, the European Commission is strictly monitoring the **security setup**, [bolstering cybersecurity](https://symptai.com/resources/insights/protection/bolstering-cybersecurity-through-digital-transformation), and evaluating the cyber mishap to further boost protective measures
The Commission issued an [advisory ](https://ec.europa.eu/commission/presscorner/detail/en/ip%5F26%5F342)stating that data for some staff members (names and contact numbers) has been compromised.
The cyber incident is being investigated by the [European Computer Emergency Response Team (CERT-EU)](https://cybilportal.org/actors/cert-eu/). Experts believe the stolen data can be misused by cybercriminals to attempt to access [login credentials](https://www.fortinet.com/resources/cyberglossary/login-credentials). The same data can be easily used by threat actors to carry out \*\*manual targeting on users or [spear phishing attacks](https://usaherald.com/ai-spear-phishing-attacks-surge-hackers-use-generative-ai-to-build-realistic-fake-sites/).
_This is not the first time that the Commission has been targeted by hackers._ Something similar happened back in \*\*2021 when this Commission and a few other European Union organizations were targeted by [threat actors](https://www.cybersecuritydive.com/news/microsoft-crowdstrike-other-cyber-firms-collaborate-on-threat-actor-taxon/749614/). There is still no information available as to who attacked the Commission around that time and what kind of attack it actually was.
## The biggest ever coordinated cyber defence organization in Singapore to combat a massive cyberattack against mobile operators!
_Back in 2025, Singapore’s state security agencies managed to circumvent a massive cyberattack on the four major mobile operators, namely, M1, Singtel, StarHub, and Simba Telecom._ It was an [advanced persistent threat (APT)](https://socradar.io/blog/top-10-advanced-persistent-threat-apt-groups-2024/) actor, also known as [UNC3886](https://www.channelnewsasia.com/singapore/unc3886-cyberattack-targets-singapore-telcos-threat-contained-5916906), which managed to target all four telecom operators in July 2025\. The security agencies carried out an operation called \*\*Operation Cyber Guardian to thwart the malicious intentions of the threat actor.
UNC3886 used intricate tactics to penetrate the networks of these four mobile operators. The hacker also abused a [zero-day exploit](https://www.ibm.com/think/topics/zero-day) to successfully bypass firewalls so as to operate without being detected.
Soon, the telecom operators were able to detect the threat attempts. UNC3886 did manage to access “a few critical systems” of the **telecom operators**, but because of their proactive approach and swift response, the cybercrooks could not access any [sensitive data](https://industrialcyber.co/utilities-energy-power-water-waste/pickett-usa-breach-allegedly-exposes-sensitive-engineering-data-linked-to-us-utilities/).
[IMDA](https://www.iicom.org/member/info-communications-media-development-authority-imda-singapore/), [CSA](https://www.investopedia.com/terms/c/creditsupportannex.asp), and a couple of other concerned authorities joined hands to investigate this threat attack. This is apparently the largest ever coordinated cyber defence operation organized in Singapore, and it involved a team of 100 defenders representing six different **government agencies**.
A surge in email-based cyberattacks highlights the critical importance of implementing [DMARC](https://dmarcreport.com/), [SPF](https://dmarcreport.com/what-is-spf/), and [DKIM](https://dmarcreport.com/blog/dkim-explained-how-dkim-works-and-why-is-dkim-important-for-organizations/) protocols to \*\*protect organizations from [phishing and spoofing](https://thehackernews.com/2024/07/proofpoint-email-routing-flaw-exploited.html) threats.
## Senegal’s cyberattack on DAF led to disrupted government operations
The [Directorate of File Automation (DAF)](https://seneweb.com/en/news/S%C3%A9curit%C3%A9/cyberattaque-contre-la-daf-la-production-des-cartes-didentite-nationale-suspendue%5Fn%5F482553.html) was recently targeted by threat actors. The cyber incident served as a stark reminder of how fragile the nation’s most sensitive data systems are.
_DAF is a government agency responsible for sensitive data management, including national ID cards, biometric records, passports, and electoral data._ Due to the cyberattack, DAF briefly shut down critical operations. The service disruption affected the lives of millions of **Senegalese citizens**. They could not access essential identity services for a temporary period.
DAF issued an official [public notice](https://www.pnrc.net/about-2/about-public-notice/) to inform the public of the decline in \*\*production capacity for national ID cards due to a cyber incident. A great sign of relief is that no personal data was compromised in this cyber incident.
## Steep rise in crypto attacks due to address poisoning scams
Crypto users lost millions of dollars at the beginning of \*\*2026 because of an address poisoning scam. Signature phishing scams are also adding fuel to the fire. A victim lost a whopping [$12.2 million](https://news.bitcoin.com/address-poisoning-scams-drain-millions-as-crypto-attacks-surge/) after he copied a malicious URL.
A similar address poisoning scam targeted people back in December 2025, which resulted in losses worth **$50 million**.
According to the **Scam Sniffer**, the address poisoning tactic is quite popular among cybercrooks to wipe out huge amounts from [crypto wallets](https://www.coindesk.com/business/2026/02/03/metamask-integrates-ondo-to-offer-200-tokenized-u-s-stocks-inside-crypto-wallet). Threat actors create addresses that resemble the first and last characters of a trusted wallet. They make subtle changes to the middle section. This creates a sort of visual illusion and makes it almost impossible to detect the malicious changes. Signature phishing attacks have also led to theft worth [$6.27 million ](https://news.bitcoin.com/address-poisoning-scams-drain-millions-as-crypto-attacks-surge/)from around 4741 victims . They did so using malicious signature requests.
## Topics
[ dkim ](/tags/dkim/)[ DMARC ](/tags/dmarc/)[ SPF ](/tags/spf/)
[ Vasile Diaconu ](/authors/vasile-diaconu/)
Operations Lead
Operations Lead at DuoCircle. Runs project management, developer coordination, and technical support execution for DMARC Report.
[LinkedIn Profile →](https://www.linkedin.com/in/vasile-diaconu/)
## Take control of your DMARC reports
Turn raw XML into actionable dashboards. Start free - no credit card required.
[Start Free Trial](https://app.dmarcreport.com/) [Check Your DMARC Record](/tools/dmarc-checker/)
## Related Articles
[ Foundational 8m 10 Critical Learnings From Verizon’s 2021 DBIR - A DMARCReport Perspective Nov 25, 2025 ](/blog/10-critical-learnings-from-verizons-2021-dbir-a-dmarcreport-perspective/)[ Foundational 12m 10 DNS Blacklist Insights That Improve Email Security And Deliverability Fast Nov 14, 2025 ](/blog/10-dns-blacklist-insights-to-improve-email-security-and-deliverability/)[ Foundational 12m 10 Email Spoofing Detection Tools That Dramatically Improve Brand Protection Nov 11, 2025 ](/blog/10-email-spoofing-detection-tools-that-dramatically-improve-brand-protection/)[ Foundational 12m 10 Reasons SPF Filtering Is Critical For Email Security Nov 19, 2025 ](/blog/10-reasons-spf-filtering-is-critical-for-email-security/)
```json
{"@context":"https://schema.org","@type":"Organization","@id":"https://www.wikidata.org/wiki/Q138898167","name":"DMARC Report","url":"https://dmarcreport.com","logo":{"@type":"ImageObject","url":"https://dmarcreport.com/images/dmarcreport-logo.png"},"description":"DMARC reporting and email authentication management. Monitor aggregate and forensic DMARC reports, analyze authentication results, and enforce DMARC policies across all your domains.","parentOrganization":{"@type":"Organization","@id":"https://www.wikidata.org/wiki/Q138883901","name":"DuoCircle LLC","url":"https://www.duocircle.com","sameAs":["https://www.wikidata.org/wiki/Q138883901","https://www.crunchbase.com/organization/duocircle-llc","https://www.linkedin.com/company/duocircle","https://github.com/duocircle"],"subOrganization":[{"@type":"Organization","@id":"https://www.wikidata.org/wiki/Q138898167","name":"DMARC Report","url":"https://dmarcreport.com"},{"@type":"Organization","@id":"https://www.wikidata.org/wiki/Q138897474","name":"AutoSPF","url":"https://autospf.com"},{"@type":"Organization","@id":"https://www.wikidata.org/wiki/Q138897912","name":"Phish Protection","url":"https://www.phishprotection.com"}]},"sameAs":["https://www.wikidata.org/wiki/Q138898167","https://www.linkedin.com/company/duocircle","https://x.com/duocirclellc","https://www.g2.com/products/dmarc-report/reviews","https://github.com/duocircle","https://www.crunchbase.com/organization/duocircle-llc","https://www.trustradius.com/products/duocircle/reviews"],"aggregateRating":{"@type":"AggregateRating","ratingValue":"4.8","reviewCount":"470","bestRating":"5","worstRating":"1","url":"https://www.g2.com/products/dmarc-report/reviews"},"contactPoint":{"@type":"ContactPoint","contactType":"customer support","url":"https://dmarcreport.com/support/"},"knowsAbout":["DMARC","DMARC Reporting","DMARC Aggregate Reports","DMARC Forensic Reports","Sender Policy Framework","DKIM","Email Authentication","Email Security","DNS Management","Email Deliverability"]}
```
```json
{"@context":"https://schema.org","@type":"WebSite","name":"DMARC Report","url":"https://dmarcreport.com","description":"DMARC reporting and email authentication management. Monitor aggregate and forensic DMARC reports, analyze authentication results, and enforce DMARC policies across all your domains.","publisher":{"@type":"Organization","name":"DMARC Report","url":"https://dmarcreport.com","logo":{"@type":"ImageObject","url":"https://dmarcreport.com/images/dmarcreport-logo.png"},"description":"DMARC reporting and email authentication management. Monitor aggregate and forensic DMARC reports, analyze authentication results, and enforce DMARC policies across all your domains.","parentOrganization":{"@type":"Organization","@id":"https://www.wikidata.org/wiki/Q138883901","name":"DuoCircle LLC","url":"https://www.duocircle.com","sameAs":["https://www.wikidata.org/wiki/Q138883901","https://www.crunchbase.com/organization/duocircle-llc","https://www.linkedin.com/company/duocircle","https://github.com/duocircle"],"subOrganization":[{"@type":"Organization","@id":"https://www.wikidata.org/wiki/Q138898167","name":"DMARC Report","url":"https://dmarcreport.com"},{"@type":"Organization","@id":"https://www.wikidata.org/wiki/Q138897474","name":"AutoSPF","url":"https://autospf.com"},{"@type":"Organization","@id":"https://www.wikidata.org/wiki/Q138897912","name":"Phish Protection","url":"https://www.phishprotection.com"}]}}}
```
```json
[{"@context":"https://schema.org","@type":"BlogPosting","headline":"Commission MDM Breach, Singapore Cyber Alliance, Senegal DAF Breach","description":"European Commission MDM hacked Jan 30, Singapore's Operation Cyber Guardian blunts UNC3886, Senegal's DAF disrupted, and crypto address poisoning bites.","url":"https://dmarcreport.com/blog/commission-mdm-breach-singapore-cyber-alliance-senegal-daf-breach/","datePublished":"2026-02-11T12:48:06.000Z","dateModified":"2026-04-16T15:53:43.000Z","dateCreated":"2026-02-11T12:48:06.000Z","author":{"@type":"Person","@id":"https://dmarcreport.com/authors/vasile-diaconu/#person","name":"Vasile Diaconu","url":"https://dmarcreport.com/authors/vasile-diaconu/","jobTitle":"Operations Lead","description":"Vasile Diaconu is the Operations Lead at DuoCircle, the company behind DMARC Report and AutoSPF. He coordinates between engineering, product, and technical support - running project management, interfacing with developers on customer-reported issues, and making sure work that comes in through the support channel actually gets closed out. Vasile sits at the intersection of customer feedback and engineering execution, giving him a direct view of which email authentication problems customers hit most often in production.","image":"https://media.mailhop.org/dmarcreport/images/team/vasile-diaconu.jpg","knowsAbout":["SaaS Operations","Technical Support Coordination","Customer Issue Resolution","Engineering Program Management","Deployment Operations"],"worksFor":{"@type":"Organization","name":"DMARC Report","url":"https://dmarcreport.com"},"sameAs":["https://www.linkedin.com/in/vasile-diaconu/"]},"publisher":{"@type":"Organization","@id":"https://www.wikidata.org/wiki/Q138898167","name":"DMARC Report","url":"https://dmarcreport.com","logo":{"@type":"ImageObject","url":"https://dmarcreport.com/images/dmarcreport-logo.png"},"description":"DMARC reporting and email authentication management. Monitor aggregate and forensic DMARC reports, analyze authentication results, and enforce DMARC policies across all your domains.","parentOrganization":{"@type":"Organization","@id":"https://www.wikidata.org/wiki/Q138883901","name":"DuoCircle LLC","url":"https://www.duocircle.com","sameAs":["https://www.wikidata.org/wiki/Q138883901","https://www.crunchbase.com/organization/duocircle-llc","https://www.linkedin.com/company/duocircle","https://github.com/duocircle"],"subOrganization":[{"@type":"Organization","@id":"https://www.wikidata.org/wiki/Q138898167","name":"DMARC Report","url":"https://dmarcreport.com"},{"@type":"Organization","@id":"https://www.wikidata.org/wiki/Q138897474","name":"AutoSPF","url":"https://autospf.com"},{"@type":"Organization","@id":"https://www.wikidata.org/wiki/Q138897912","name":"Phish Protection","url":"https://www.phishprotection.com"}]},"sameAs":["https://www.wikidata.org/wiki/Q138898167","https://www.linkedin.com/company/duocircle","https://x.com/duocirclellc","https://www.g2.com/products/dmarc-report/reviews","https://github.com/duocircle","https://www.crunchbase.com/organization/duocircle-llc","https://www.trustradius.com/products/duocircle/reviews"],"aggregateRating":{"@type":"AggregateRating","ratingValue":"4.8","reviewCount":"470","bestRating":"5","worstRating":"1","url":"https://www.g2.com/products/dmarc-report/reviews"},"contactPoint":{"@type":"ContactPoint","contactType":"customer support","url":"https://dmarcreport.com/support/"},"knowsAbout":["DMARC","DMARC Reporting","DMARC Aggregate Reports","DMARC Forensic Reports","Sender Policy Framework","DKIM","Email Authentication","Email Security","DNS Management","Email Deliverability"]},"mainEntityOfPage":{"@type":"WebPage","@id":"https://dmarcreport.com/blog/commission-mdm-breach-singapore-cyber-alliance-senegal-daf-breach/"},"articleSection":"foundational","keywords":"dkim, DMARC, SPF","wordCount":1110,"image":{"@type":"ImageObject","url":"https://media.mailhop.org/dmarcreport/images/2022/04/dmarc-alignment-6379.jpg","caption":"Commission MDM Breach, Singapore Cyber Alliance, Senegal DAF Breach","width":900,"height":600},"speakable":{"@type":"SpeakableSpecification","cssSelector":[".answer-block","h1"]}}]
```
```json
{"@context":"https://schema.org","@type":"BreadcrumbList","itemListElement":[{"@type":"ListItem","position":1,"name":"Home","item":"https://dmarcreport.com/"},{"@type":"ListItem","position":2,"name":"Blog","item":"https://dmarcreport.com/blog/"},{"@type":"ListItem","position":3,"name":"Foundational","item":"https://dmarcreport.com/foundational/"},{"@type":"ListItem","position":4,"name":"Commission MDM Breach, Singapore Cyber Alliance, Senegal DAF Breach","item":"https://dmarcreport.com/blog/commission-mdm-breach-singapore-cyber-alliance-senegal-daf-breach/"}]}
```