The European Central Bank (ECB) said on Thursday its website had been hacked and some email addresses and other contact information stolen but insisted no market-sensitive data were affected.
The theft came to light after the central bank received an anonymous email on Monday night demanding money in exchange for the addresses.
While most of the data was encrypted, parts of the database included email addresses, some street addresses and phone numbers that were not encrypted. The database also contains data on downloads from the ECB website in encrypted form.
The hackers broke into a database storing details of people who had registered for ECB conferences, visits and other events, the bank said. That database was kept physically separate from internal systems, it added.
“No internal systems or market sensitive data were compromised,” the ECB said in a statement.
The ECB is contacting people whose data might have been compromised and all passwords have been changed on the system as a precaution.
German police have been informed of the theft and an investigation has started and ECB data security experts have “addressed the vulnerability”, the ECB said.
European Central Bank
- Press release: ECB announces theft of contact information