ECB Closes Website After Breach By ‘Unauthorised Parties’

The European Central Bank (ECB) shuttered one of its websites last week after it discovered a security breach by ‘unauthorised parties’.

The website in question is the Integrated Reporting Dictionary (BIRD) website, which “provides the banking industry with details on how to produce statistical and supervisory reports.”

The ECB was quick to point out that the BIRD website is hosted by an external provider, and is physically separate from any other external and internal ECB system.

ECB breach

The ECB made the admission last Thursday, when it confirmed that the BIRD website had been hacked by unauthorised parties.

It said that email addresses and other contact data (i.e. names, job titles) of 481 subscribers to the BIRD newsletter may have been captured.

But it stressed that passwords were not accessed, and no internal systems or market-sensitive data was compromised.

It said that the BIRD website has been “shut down until further notice.”

“The breach succeeded in injecting malware onto the external server to aid phishing activities,” said the ECB. “The external BIRD website has been closed down until further notice. Neither ECB internal systems nor market-sensitive data were affected.

To make matters worse, it seems that the European Central Bank only realised that the website had been compromised when it carried out regular maintenance work.

“The ECB takes data security extremely seriously,” the central bank said. “We have informed the European Data Protection Supervisor about the breach. The ECB is taking the necessary steps to ensure that the website can safely resume operations.”

Previous hack

In 2017 the ECB warned that banks in the European Union that are directly regulated by the European Central Bank (ECB) faced similar rules that private companies now face under the current GDPR rules.

And it should be noted that this is not the first time the ECB has been hacked.

In July 2014 the ECB confirmed that hackers had breached its public website and made off with names, email addresses and other personal details of people who had registered for events there.

The attack came to light after the organisation received an anonymous email which demanded an unspecified amount of money for the data.

Do you know all about security? Try our quiz!

Tom Jowitt

Tom Jowitt is a leading British tech freelancer and long standing contributor to Silicon UK. He is also a bit of a Lord of the Rings nut...

Recent Posts

SoftBank Promises To Invest $100bn In US

Japanese tech investment firm SoftBank promises to invest $100bn during Trump's second term to create…

15 hours ago

Synopsys, SiMa.ai To Collaborate On AI Car Chips

Synopsys to work with start-up SiMa.ai on joint offering to help accelerate development of AI…

15 hours ago

AI Start-Up Basis Raises $34m For Accountancy Agent

Start-up Basis raises $34m in Series A funding round for AI-powered accountancy agent to make…

16 hours ago

Databricks Raises $10bn In Huge AI Funding Round

Data analytics and AI start-up Databricks completes huge $10bn round from major venture capitalists as…

16 hours ago

Congo Files Complaints Against Apple Over Conflict Minerals

Congo files legal complaints against Apple in France, Belgium alleging company 'complicit' in laundering conflict…

17 hours ago