A computer hacker has breached security at the European Central Bank and stolen information from a public website, an attack which emerged only after officials at the ECB received a blackmail email demanding money in return for the data stolen.
The ECB released a statement on Thursday saying “there had been a breach of the security protecting a database serving its public website. This led to the theft of email addresses and other contact data left by people registering for events at the ECB.”
The central bank emphasised that the hacker did not steal any market sensitive information. The theft was from a database separate from the internal system: “No internal systems or market sensitive data were compromised. The database serves parts of the ECB website that gather registrations for events such as ECB conferences and visits. It is physically separate from any internal ECB systems,” the statement said.
According to the Financial Times, the ECB first learned of the attack on Monday evening, when it received an anonymous email demanding money in exchange for the stolen information: “The ECB said it would not pay anything in return for the information. It did not disclose how much the blackmailer had requested.”
The central bank is contacting people whose email addresses, thought to be as many as 20,000, or other data might have been compromised.
The statement said: “The ECB takes data security extremely seriously. German police have been informed of the theft and an investigation has started. ECB data security experts have addressed the vulnerability.”