European Central Bank is Latest Hacking Target
The European Central Bank (ECB) has revealed that its website was targeted by hackers and that email addresses and contact data left by people registering for events at the central bank has been stolen. The hacker demanded money for stolen data.
However, the ECB added that no market sensitive data or internal banking systems were compromised. “The database serves parts of the ECB website that gather registrations for events such as ECB conferences and visits. It is physically separate from any internal ECB systems,” the bank stated
The security breach was discovered late on 21 July when an anonymous hacker contacted the bank with a demand for money, an ECB spokeswoman said. Although most of the stolen data was encrypted, “parts of the database included email addresses, some street addresses and phone numbers that were not encrypted.”
German police have launched an investigation into the security breach and the ECB is contacting individuals whose email addresses and other data might have been compromised.
Commenting on the news, Jason Hart, vice president (VP) cloud security at data protection specialist SafeNet said: “We’re seeing more and more cases of cyber criminals stealing unencrypted data and either selling it on the black market, or using it for cyber blackmail. Any data stored in a plain-text state is easily readable and can be easily accessed by cyber criminals. So companies need to think about encrypting all customer data, both in storage and transit.
“Only those companies that adopt a ‘secure breach’ approach, consisting of a combination of strong authentication, data encryption and key management, can be confident that data is useless should it fall into unauthorised hands.”