The European Central Bank (ECB) announced that unauthorized parties had breached the security measures protecting its Banks’ Integrated Reporting Dictionary (BIRD) website, which is hosted by an external provider. As a result, it was possible that the contact data (but not the passwords) of 481 subscribers to the BIRD newsletter may have been captured.
The affected information consists of the email addresses, names and position titles of the subscribers. The ECB is contacting people whose data may have been affected. The breach succeeded in injecting malware onto the external server to aid phishing activities. The external BIRD website has been closed down until further notice. Neither ECB internal systems nor market-sensitive data were affected. The BIRD website provides the banking industry with details on how to produce statistical and supervisory reports. It is physically separate from any other external and internal ECB systems.