ECB shuts down one of its websites after hacker attack

Reuters | Aug 15, 2019 at 3:19 PM

FRANKFURT, Aug 15 (Reuters) - The European Central Bank (ECB) shut down one of its websites on Thursday after it was hacked and infected with malicious software.

The ECB said no market-sensitive data had been compromised during the attack on its Banks’ Integrated Reporting Dictionary (BIRD), which it uses to provide bankers with information on how to produce statistical and supervisory reports.

But it added malware had been injected on the server hosting the site, adding that the email addresses, names and titles of the subscribers of the BIRD newsletter might have been stolen.

An ECB spokesman added the earliest evidence found of the attack dated back to December 2018, meaning it had gone undetected for months before being uncovered during maintenance work.

"The ECB is contacting people whose data may have been affected, the ECB said. "The breach succeeded in injecting malware onto the external server to aid phishing activities."

Launched in 2015, BIRD was a joint initiative of the Eurosystem of euro zone central banks and the banking industry. Participation in it was voluntary but its content was made available to all interested parties.

The ECB said BIRD was hosted by a third-party provider and was separate from any other ECB system.

"Neither ECB internal systems nor market-sensitive data were affected," the ECB said.