back Back

European Banking Authority reveals cyberattack on email servers

By Robin Amlot

March 08, 2021

  • Europe
  • European Banking Authority

On 7 March 2021, the European Banking Authority (EBA) revealed that it had been the subject of a cyber-attack against its Microsoft Exchange Servers. The Authority launched a full investigation, in cooperation with its ICT provider, a team of forensic experts and other relevant entities.

As a precautionary measure, the EBA decided to take its email systems offline. The EBA investigation is still ongoing and the Authority said it was deploying additional security measures and close monitoring in view of restoring the full functionality of the servers.

At time of writing, the European Banking Authority email infrastructure has been secured and analysis suggests that no data extraction has been performed and there is no indication to think that the breach has gone beyond the email servers.

The EBA said it has taken all precautionary measures to protect personal and other data and will take additional steps and provide further updates as necessary. However, as the vulnerability is related to the EBA’s email servers, access to personal data through emails held on those servers may have been obtained by the attacker.

Several press reports point the finger at a Chinese hacking group which has been blamed for a number of attacks in recent months against Microsoft mail servers.

Dirk Geeraerts, VP EMEA Access Management at Thales, commented that the attack on the European Banking Authority is ‘yet another example of how integral strong identity and access management are to cloud security’. He added: “…it’s worth reminding businesses that separating their cloud provider and access management solution is imperative in ensuring robust security. In the event that malicious actors are able to gain access to the back-end of a cloud provider – potentially even viewing source code – all applications and data could suddenly be at risk. Having a separate and isolated access management solution is the differentiator between a business being able to control its own access security, or hackers taking it over.”

Previous Article

March 08, 2021

Top 10 FinTech deals of February 2021 (UK & Europe version)

Read More
Next Article

March 09, 2021

Evolution announces payment app release scheduled for 2022

Read More

IBSi Daily News Analysis

Embedded Payments, Embedded Finance, Fintech News, Payments Technology, Mobile Payments, Digital Payments, Online Payments, Singapore Fintech News, APAC fintech listicle

July 11, 2024


Payment security market to reach $87.4bn by 2031 driven by digital payment adoption

Read More

IBSi FinTech Journal

  • Most trusted FinTech journal since 1991
  • Digital monthly issue
  • 60+ pages of research, analysis, interviews, opinions, and rankings
  • Global coverage
Subscribe Now

Other Related News

June 24, 2024

Flutterwave & EFCC to set up Nigeria’s Cybercrime Research Centre

Read More

June 13, 2024

4 Cybersecurity firms using AI to thwart financial crime in the UK

Read More

June 11, 2024

Public-facing applications and APIs are the most common targets of cyberattacks

Read More

Related Reports

Sales League Table Report 2024
Know More
Global Digital Banking Vendor & Landscape Report Q2 2024
Know More
Wealth Management & Private Banking Systems Report Q2 2024
Know More
IBSi Spectrum Report: Supply Chain Finance Platforms Q4 2023
Know More
Treasury & Capital Markets Systems Report Q1 2024
Know More

IBSi Sales League Table

The industry acknowledged barometer of global banking technology vendor performance!
Get your copy now!
Get your copy now! IBSi Sales League Table 2024