The European Banking Authority became one of the latest victims of a cyberattack against its Microsoft Exchange Servers.
The European Banking Authority became one of the latest victims of a cyberattack against its Microsoft Exchange Servers.
The European Banking Authority reported that access to personal data through emails held on the Microsoft server might have been compromised on Sunday.
“The Agency has launched a full investigation, in close cooperation with its ICT provider, a team of forensic experts and other relevant entities, ” EBA said.
“Where appropriate, the EBA will provide information on measures that data subjects might take to mitigate possible adverse effects. "
In an update on the evolving situation, Microsoft says: “In the attacks observed, the threat actor used these vulnerabilities to access on-premises Exchange servers which enabled access to email accounts, and allowed the installation of additional malware to facilitate long-term access to victim environments.”
The EU agency said that the EBA investigation is continuing, and additional security measures and close monitoring restoring the email servers' full functionality.
“At this stage, the EBA email infrastructure has been secured, and our analyses suggest that no data extraction has been performed, and we have no indication to think that the breach has gone beyond our email servers."
As per the update issued, the forensic experts had found no signs of data exfiltration. As a precautionary measure, EBA has decided to take down its email system offline.
For the latest cyber threats and the latest hacking news please follow us on Facebook, Linkedin, and Twitter.
You may be interested in reading: How to Survive the COVID Time Cyber Security Threats?