ECB shuts down one of its websites following hack

Second time in five years that EU central bank’s site has been hacked

The ECB said in a statement that it “takes data security extremely seriously”. Photograph: Bloomberg
The ECB said in a statement that it “takes data security extremely seriously”. Photograph: Bloomberg

Hackers have embarrassed the European Central Bank by breaching one of its websites, installing malware on to the site and stealing the contact details of 481 subscribers to a statistical newsletter.

It is the second time in five years that one of the ECB’s websites has been hacked and raises questions about the cyber-security measures taken by the central bank, which is itself responsible for supervising the data-protection practices of the euro zone’s banking system.

The ECB said it had closed its Banks’ Integrated Reporting Dictionary (Bird) website, which had been hacked into several months ago after detecting the breach late last week during routine maintenance.

The Bird website is hosted by a third party and is physically separate from other external and internal ECB systems, it said, adding: “Neither ECB internal systems nor market-sensitive data were affected.”

READ MORE

Database

The hackers used the database behind the Bird website to host software for phishing attacks, which are designed to steal people’s data or money by pretending to be a trusted entity. The ECB contacted the 481 subscribers to the Bird newsletter on Thursday but was still investigating whether any of them have suffered such attacks.

The ECB said in a statement that it “takes data security extremely seriously” and it had informed the European Data Protection Supervisor about the breach.

Five years ago, the ECB said there had been a security breach on its public website, leading to the theft of email addresses and other contact details of people registering for events at the Frankfurt-based institution. – Copyright The Financial Times Limited 2019