James Delahunty
6 Feb 2013 10:12
Fed confirms hack.
The U.S. Federal Reserve has confirmed that an internal website was breached and some personal information was stolen. The central bank said that the hack was limited to the internal website, and did not affect any critical systems or functions of the organization.
The attackers - widely reported to be Anonymous - exploited a temporary vulnerability in a website vendor product to retrieve information on up to 4,000 bank executives from around the United States.
"Some registrants also included optional information consisting of home phone and personal email. Despite claims to the contrary, passwords were not compromised," the Fed said, though it denied that any passwords had been exposed.
The internal website appears to be part of an emergency response system for cases of a natural disaster. For example, if a bank was damaged in a storm or a flood, this is the system that executives could use to keep the Fed posted on conditions. Combined, the data would give the Federal Reserve a view of the overall impact on the U.S. banking system.