European Central Bank suffers security breach, personal data stolen

European Central Bank suffers security breach, personal data stolen

Summary: The European Central Bank's website has been hacked and personal information has been stolen by a cybercriminal.

SHARE:
TOPICS: Security, EU
1
Screen Shot 2014-07-24 at 11.19.18

The European Central Bank (ECB) admitted Thursday that a security breach has led to the theft of personal data.

The central bank for the euro announced that a database linked to its public website has been compromised, resulting in the theft of personal data related to people registering for events at the ECB via the organization's website.

A cybercriminal was able to penetrate a database storing details of people who had registered for conferences, visits and other events, but the database is physically separate from internal ECB systems. According to the ECB, "no internal systems or market sensitive data were compromised," however email addresses, physical addresses and phone numbers were stolen.

The ECB said most of the data was encrypted, but the contact information of registrants was not. According to the BBC, approximately 20,000 email addresses and a smaller number of phone numbers and physical addresses were lifted. Also stolen, in encrypted form, was "data on downloads from the ECB website."

The theft came to light after an anonymous email was sent to the ECB demanding money in exchange for the data.

The organization is now contacting people whose email addresses or other data might have been compromised, all passwords have been changed on the system as a precautionary measure, and ECB security staff have addressed the vulnerability responsible.

"The ECB takes data security extremely seriously," the organization said. "German police have been informed of the theft and an investigation has started."

Topics: Security, EU

Kick off your day with ZDNet's daily email newsletter. It's the freshest tech news and opinion, served hot. Get it.

Talkback

1 comment
Log in or register to join the discussion
  • They were just running diagnostics on the site ...

    and they want to be paid for the vulnerabilities they found to help improve security :-)
    greywolf7