A cyber attack that has forced the European Central Bank (ECB) to temporarily shut down one of its websites went unnoticed for more than six months.
The ECB closed its Banks’ Integrated Reported Dictionary on Thursday after it emerged that hackers had infiltrated the site in December 2018 and infected it with malware.
The malware is believed to have been deployed as part of a phishing campaign and may have been used to extract subscribers’ email addresses, names and titles.
“The ECB is contacting people whose data may have been affected,” said an ECB spokesperson. “The breach succeeded in injecting malware onto the external server to aid phishing activities.”
According to the bank, no market-sensitive data was stolen during the attack on the site, which is hosted by a third-party and provides advice on financial reporting.
Ilia Kolochenko, chief executive of security company ImmuniWeb, said the “breach and its consequences are minuscule compared to most of the other breaches that have occurred in 2019. However, the nature of the breach and the time it took to detect it are quite alarming.”
Darktrace’s chief analyst, Mike Beck, added: “What’s worrying about this kind of attack is that it is often invisible to both the site owner and users. In this case, unbeknownst to ECB, hackers infected the site with harmful code and were harvesting data of newsletter subscribers, probably to launch sophisticated secondary attacks, like spear-phishing.”