ECB Closes Website After Breach By ‘Unauthorised Parties’

The European Central Bank (ECB) shuttered one of its websites last week after it discovered a security breach by ‘unauthorised parties’.

The website in question is the Integrated Reporting Dictionary (BIRD) website, which “provides the banking industry with details on how to produce statistical and supervisory reports.”

The ECB was quick to point out that the BIRD website is hosted by an external provider, and is physically separate from any other external and internal ECB system.

ECB breach

The ECB made the admission last Thursday, when it confirmed that the BIRD website had been hacked by unauthorised parties.

It said that email addresses and other contact data (i.e. names, job titles) of 481 subscribers to the BIRD newsletter may have been captured.

But it stressed that passwords were not accessed, and no internal systems or market-sensitive data was compromised.

It said that the BIRD website has been “shut down until further notice.”

“The breach succeeded in injecting malware onto the external server to aid phishing activities,” said the ECB. “The external BIRD website has been closed down until further notice. Neither ECB internal systems nor market-sensitive data were affected.

To make matters worse, it seems that the European Central Bank only realised that the website had been compromised when it carried out regular maintenance work.

“The ECB takes data security extremely seriously,” the central bank said. “We have informed the European Data Protection Supervisor about the breach. The ECB is taking the necessary steps to ensure that the website can safely resume operations.”

Previous hack

In 2017 the ECB warned that banks in the European Union that are directly regulated by the European Central Bank (ECB) faced similar rules that private companies now face under the current GDPR rules.

And it should be noted that this is not the first time the ECB has been hacked.

In July 2014 the ECB confirmed that hackers had breached its public website and made off with names, email addresses and other personal details of people who had registered for events there.

The attack came to light after the organisation received an anonymous email which demanded an unspecified amount of money for the data.

Do you know all about security? Try our quiz!

Tom Jowitt

Tom Jowitt is a leading British tech freelancer and long standing contributor to Silicon UK. He is also a bit of a Lord of the Rings nut...

Recent Posts

Elon Musk Disagrees With US Tariffs On Chinese EVs

Tesla's Elon Musk confirms opposition to the Biden Administration's implementation of 100 percent tariffs on…

7 hours ago

Former Cybersecurity Boss Warns UK Not Heeding China Threat

Ciaran Martin, ex-chief executive of the National Cyber Security Centre, explains growing cyber threat posed…

8 hours ago

YouTube Threatens To Block Russian Protest Group’s Anti-War Content

YouTube threatens to pull anti-war content from Russian rights group, after complaint from Putin regime's…

10 hours ago

ICO Warns PSNI It Faces £750k Fine Over Data Breach

Police Service of Northern Ireland (PSNI) says it cannot afford a £750,000 fine from the…

12 hours ago

Apple Appeals Against EU’s $2bn Music Streaming Fine

Appeal begins appeal against European Commission's €1.84bn fine over Apple's alleged ‘anti-competitive’ music streaming restrictions

15 hours ago

OpenAI Agrees Content Deal With News Corp

Another content deal signed. Agreement reached between OpenAI and News Corp for permission to its…

16 hours ago