The European Central Bank (ECB) said on Thursday that unauthorised parties had breached the security measures protecting its Banks’ Integrated Reporting Dictionary (BIRD) website, which is hosted by an external provider.
As a result, it was possible that the contact data (but not the passwords) of 481 subscribers to the BIRD newsletter may have been captured. The affected information consists of the email addresses, names and position titles of the subscribers.
The ECB is contacting people whose data may have been affected. „The breach succeeded in injecting malware onto the external server to aid phishing activities. The external BIRD website has been closed down until further notice. Neither ECB internal systems nor market-sensitive data were affected.”, according to the press release.
The BIRD website provides the banking industry with details on how to produce statistical and supervisory reports. It is physically separate from any other external and internal ECB systems.
The breach came to light during regular maintenance work.
The ECB takes data security extremely seriously. We have informed the European Data Protection Supervisor about the breach. The ECB is taking the necessary steps to ensure that the website can safely resume operations.
„Though Libra has met with fierce resistance from central banks and supervisory authorities and might never see the light of day, in many other cases tech firms (both start-ups and established big players) have successfully captured bits and pieces of universal banks’ traditional value chain. This trend may only intensify in the coming years. In this environment, European banks remain squeezed.”