- Breach affected BIRD website hosted by external provider
- Supervisor has often called for banks to do more on IT risks
The European Central Bank said one of its websites was hacked by unauthorized people who may have stolen private information including contact data.
According to an emailed statement, hackers installed malware onto an external server that hosts the Banks’ Integrated Reporting Dictionary, or BIRD, to aid phishing activities. It’s possible that email addresses, names and position titles of 481 subscribers to the BIRD newsletter may have been captured, the ECB said, but that passwords were not.
The ECB has closed down the website until further notice after discovering the breach during regular maintenance work, and is contacting people whose data may have been stolen. Neither ECB internal systems nor market-sensitive data were compromised.
The BIRD website provides banks with details on how to produce statistical and supervisory reports, according to the statement. It’s physically separate from any other external and internal ECB systems.
“The ECB takes data security extremely seriously,” the institution said. It has informed the European Data Protection Supervisor about the incident.
The security breach comes after the Frankfurt-based institution itself made repeated calls for commercial banks in the region to invest in more secure information technology systems amid a growing number of cyber threats.
Click here to read more about ECB website hack