European Banking Authority reveals cyberattack on email servers
By Robin Amlot
On 7 March 2021, the European Banking Authority (EBA) revealed that it had been the subject of a cyber-attack against its Microsoft Exchange Servers. The Authority launched a full investigation, in cooperation with its ICT provider, a team of forensic experts and other relevant entities.
As a precautionary measure, the EBA decided to take its email systems offline. The EBA investigation is still ongoing and the Authority said it was deploying additional security measures and close monitoring in view of restoring the full functionality of the servers.
At time of writing, the European Banking Authority email infrastructure has been secured and analysis suggests that no data extraction has been performed and there is no indication to think that the breach has gone beyond the email servers.
The EBA said it has taken all precautionary measures to protect personal and other data and will take additional steps and provide further updates as necessary. However, as the vulnerability is related to the EBA’s email servers, access to personal data through emails held on those servers may have been obtained by the attacker.
Several press reports point the finger at a Chinese hacking group which has been blamed for a number of attacks in recent months against Microsoft mail servers.
Dirk Geeraerts, VP EMEA Access Management at Thales, commented that the attack on the European Banking Authority is ‘yet another example of how integral strong identity and access management are to cloud security’. He added: “…it’s worth reminding businesses that separating their cloud provider and access management solution is imperative in ensuring robust security. In the event that malicious actors are able to gain access to the back-end of a cloud provider – potentially even viewing source code – all applications and data could suddenly be at risk. Having a separate and isolated access management solution is the differentiator between a business being able to control its own access security, or hackers taking it over.”
IBSi FinTech Journal
- Most trusted FinTech journal since 1991
- Digital monthly issue
- 60+ pages of research, analysis, interviews, opinions, and rankings
- Global coverage