Hackers steal partially encrypted records from an events website that belongs to the bank
Hackers have breached the public website of the European Central Bank (ECB) and made off with names, email addresses and other personal details of people who had registered for events there.
The attack came to light on Monday, after the organisation received an anonymous email which demanded an unspecified amount of money for the data.
The ECB said most of the stolen information was encrypted, and no sensitive market data has been compromised in the breach. It didn’t indicate whether it was going to pay the ransom.
ECB does not negotiate
The institution, which administers the monetary policy of the 18 members of the Eurozone who chose to adopt the single currency, was established by the Treaty of Amsterdam in 1998 and is one of the world’s most important central banks.
Sometime this year hackers hit the database system on a public-facing website that belongs to the ECB and contains lists of people who had been registering to attend its conferences and meetings.
“While most of the data were encrypted, parts of the database included email addresses, some street addresses and phone numbers that were not encrypted,” said the bank. “The database also contains data on downloads from the ECB website in encrypted form.”
Instead of paying the ransom, the ECB has alerted the police in Germany, where it is headquartered.
“Unless we’re missing some important facts, it makes little sense for the ECB to pay a hacker money in this circumstance, as there’s no guarantee that he won’t also sell access to the data in addition to getting the ransom,” explained Tim Erlin, director of security and risk at Tripwire. “Data isn’t the same as a physical object or person. It’s copied, not stolen.”
“The fact the offender sent an email to the ECB directly asking for financial compensation for the data, could be seen as an indicator of its lack of quality,” added a spokesperson for Malwarebytes. “If the breach had accessed highly sensitive data, you would probably expect this to be sold off quietly.”
The ECB said the compromised database was physically separated from any internal systems. It has patched the flaw which enabled the attack, and started contacting people whose personal data might have been stolen. All passwords have also been reset as a precaution.
Even though the loss of personal details does not present an immediate threat, this information could be used to target the unfortunate users in further ‘spear-phishing’ campaigns.
How well do you know network security? Try our quiz and find out!