- Email addresses and contact data stolen from public ECB website
- Theft was from database that is separate from any internal system
- No market sensitive data compromised
Financial institutions are under attack: the number of cyber attacks against the banking industry is constantly increasing, and the most recent malicious campaign to be discovered is Operation Emmental.
A few days ago, bad actors hacked the website of the European Central Bank and stole personal information, including email addresses and phone numbers, probably to arrange a scam. According to the public announcement of the European Central Bank, the hackers exploited a vulnerability to access a website database; fortunately, no internal systems were affected by the attack.
The European Central Bank was informed early last week by an anonymous email sent by the attackers, who were trying to extort money from the financial institution. An ECB spokeswoman has confirmed that the organization will not pay anything. The representatives of the European Central Bank immediately reported the data breach to law enforcement, and the police in Frankfurt, where the ECB is headquartered, have started an investigation.
The hacked database was used to store users’ information when they registered for various European Central Bank events. According to the European Central Bank announcement, most of the data in the database, nearly 95 percent of the information, was protected by encryption, but the contact information was not.
“ECB announces theft of contact information
- Email addresses and contact data stolen from public ECB website
- Theft was from database that is separate from any internal system
- No market sensitive data compromised
No internal systems or market sensitive data were compromised. The database serves parts of the ECB website that gather registrations for events such as ECB conferences and visits. It is physically separate from any internal ECB systems.” states the announcement published by the European Central Bank.
According to the European Central Bank, the information exposed in the data breach includes 20,000 email addresses and a reduced set of physical contact addresses and phone numbers.
In response to the attack, and as defined in every incident response plan, the European Central Bank has reset all user passwords and has contacted individuals whose contact data might have been compromised. These steps are necessary to prevent further attacks on the victims: in these cases, bad actors could use the stolen data for spear phishing attacks or resell it in the underground to other criminal gangs. The stolen personal information belongs to individuals working in the financial industry, and for this reason it is considered a precious commodity in the cybercrime ecosystem.
The experts at the European Central Bank also confirmed that they have already identified and fixed the vulnerability exploited by the hackers.
It’s not clear whether the attackers specifically targeted the European Central Bank or discovered that its public systems were vulnerable during an Internet reconnaissance. Extortion is becoming ever more popular among criminal gangs: in June, hackers threatened to release stolen personal information on more than 650,000 French and Belgian customers of Domino’s Pizza, demanding 30,000 euros from the company.
Security Affairs – (European Central Bank, cybercrime)