The European Central Bank has said that one of its websites was hacked by unauthorized people who may have stolen private information including contact data.
The European Central Bank said on Thursday that unauthorised parties had breached the security measures protecting its Banks’ Integrated Reporting Dictionary (BIRD) website, which is hosted by an external provider.
As a result, it was possible that the contact data (but not the passwords) of 481 subscribers to the BIRD newsletter may have been captured. The affected information consists of the email addresses, names and position titles of the subscribers. The ECB is contacting people whose data may have been affected. The breach succeeded in injecting malware onto the external server to aid phishing activities. The external BIRD website has been closed down until further notice. Neither ECB internal systems nor market-sensitive data were affected.
The BIRD website provides the banking industry with details on how to produce statistical and supervisory reports. It is physically separate from any other external and internal ECB systems.
The breach came to light during regular maintenance work.