The European Central Bank has had to close one of its websites after “unauthorized parties” infected it with malicious software.
The attack took place on ECBs Banks’ Integrated Reporting Dictionary (BIRD) site, a website that provides bankers with info on how to build statistical and supervisory reports.
The bank shut down the website on Thursday, but the breach was thought to happen way back in December 2018.
A spokesman for ECB says that no delicate data has been affected during the attack.
“Neither ECB internal systems nor market-sensitive data were affected,” the ECB said.
Although he does add that because of malware having been implemented on the server hosting site, there is a possibility that 481 people may have had names and email addresses taken from being signed up to BIRD’s newsletter.
The spokesman insists that no passwords were taken because of the website being “physically separate” to any other of the bank’s site. European Central Bank says they are contacting those affected.
The bigger problem behind the breach
In 2018, a replica cyber-attack was tested by ECB to investigate its cyber resilience. Which becomes worrying when it’s considered how long it took to spot the real attack.
Founder and CEO of web security company ImmuniWeb, Ilia Kolochenko, has commented on how this attack reflects on the greater problems of hacker attacks: “The breach and its consequences are minuscule compared to most of the other breaches that have occurred in 2019. However, the nature of the breach and the time it took to detect it are quite alarming. The question is how many more breaches of ECB and its externalized systems have not yet been discovered, and what will the impact be.”