ECB Shuts Site After Subscriber Data Breach

Written by

The European Central Bank (ECB) has been forced to shut down one of its websites following a cyber-attack which may have compromised customer data.

The bank said in a brief statement that hackers had compromised its Banks’ Integrated Reporting Dictionary (BIRD) website, which is hosted by an external third party.

It claimed that malware had been injected onto the server “to aid phishing activities.

“As a result, it was possible that the contact data (but not the passwords) of 481 subscribers to the BIRD newsletter may have been captured,” the statement continued.

“The affected information consists of the email addresses, names and position titles of the subscribers. The ECB is contacting people whose data may have been affected.”

The BIRD website is said to provide the banking industry with info designed to help produce statistical and supervisory reports.

The ECB said that as it is physically separate from any other external and internal ECB systems, no market-sensitive data has been affected by the incident.

The BIRD website has been closed until further notice and the European Data Protection Supervisor informed about the breach.

This isn’t the first time the ECB has been hit by hackers. In 2014, attackers managed to compromise a database containing website form data – stealing 20,000 email addresses which they then tried to hold to ransom.

The financial sector has always been a major target for hackers.

It has seen a 67% increase in security breaches over the past five years, with the average cost of cybercrime for financial institutions jumping $1.4m over the past year to reach $13m, according to an Accenture report from earlier this year.

What’s hot on Infosecurity Magazine?