Cedar-IBSi FinTech Lab Analyst Briefings Get in touch IBSi Newsletter
back Back

European Banking Authority reveals cyberattack on email servers

By Robin Amlot

March 08, 2021

  • Europe
  • European Banking Authority
Share

On 7 March 2021, the European Banking Authority (EBA) revealed that it had been the subject of a cyber-attack against its Microsoft Exchange Servers. The Authority launched a full investigation, in cooperation with its ICT provider, a team of forensic experts and other relevant entities.

As a precautionary measure, the EBA decided to take its email systems offline. The EBA investigation is still ongoing and the Authority said it was deploying additional security measures and close monitoring in view of restoring the full functionality of the servers.

At time of writing, the European Banking Authority email infrastructure has been secured and analysis suggests that no data extraction has been performed and there is no indication to think that the breach has gone beyond the email servers.

The EBA said it has taken all precautionary measures to protect personal and other data and will take additional steps and provide further updates as necessary. However, as the vulnerability is related to the EBA’s email servers, access to personal data through emails held on those servers may have been obtained by the attacker.

Several press reports point the finger at a Chinese hacking group which has been blamed for a number of attacks in recent months against Microsoft mail servers.

Dirk Geeraerts, VP EMEA Access Management at Thales, commented that the attack on the European Banking Authority is ‘yet another example of how integral strong identity and access management are to cloud security’. He added: “…it’s worth reminding businesses that separating their cloud provider and access management solution is imperative in ensuring robust security. In the event that malicious actors are able to gain access to the back-end of a cloud provider – potentially even viewing source code – all applications and data could suddenly be at risk. Having a separate and isolated access management solution is the differentiator between a business being able to control its own access security, or hackers taking it over.”

Previous Article

March 08, 2021

Top 10 FinTech deals of February 2021 (UK & Europe version)

Read More
Next Article

March 08, 2021

Starling Bank valued at £1.1 billion with £272 million funding round

Read More






IBSi FinTech Journal

  • Most trusted FinTech journal since 1991
  • Digital monthly issue
  • 60+ pages of research, analysis, interviews, opinions, and rankings
  • Global coverage
Subscribe Now

Other Related News

May 15, 2025

Co-opbank Pertama deploys BPC’s SmartVista to enhance fraud protection

Read More

April 30, 2025

AQM Technologies acquires TraiCE to boost AI risk monitoring for US banks

Read More

April 23, 2025

Rising cyber threats puts 1 in 2 UAE SMEs vulnerable to attack

Read More

Related Reports

Sales League Table Report 2024
Know More
Global Digital Banking Vendor & Landscape Report Q1 2025
Know More
NextGen WealthTech: The Trends To Shape The Future Q4 2023
Know More
Intelligent Document Processing in Financial Sector Q2 2025
Know More
Treasury & Capital Markets Systems Report Q1 2025
Know More