The European Central Bank (ECB) said on Thursday that unauthorised parties had breached the security measures protecting its Banks’ Integrated Reporting Dictionary (BIRD) website, which is hosted by an external provider.
As a result, it was possible that the contact data (but not the passwords) of 481 subscribers to the BIRD newsletter may have been captured. The affected information consists of the email addresses, names and position titles of the subscribers.
The ECB is contacting people whose data may have been affected. „The breach succeeded in injecting malware onto the external server to aid phishing activities. The external BIRD website has been closed down until further notice. Neither ECB internal systems nor market-sensitive data were affected.”, according to the press release.
The BIRD website provides the banking industry with details on how to produce statistical and supervisory reports. It is physically separate from any other external and internal ECB systems.
The breach came to light during regular maintenance work.
The ECB takes data security extremely seriously. We have informed the European Data Protection Supervisor about the breach. The ECB is taking the necessary steps to ensure that the website can safely resume operations.
„For more than a week now, ScoreRise enrolls daily hundreds of users through an innovative facial recognition interface. Enrollment takes less than a minute and it does not require presence of a human operator or video recording. And, of course, it stays fully GDPR compliant with help from Reff & Associates and Deloitte Romania.”