The Federal Reserve confirmed Wednesday that one of its internal websites was accessed after the hacktivist group Anonymous claimed to have stolen information on more than 4,000 banking executives.
“The Federal Reserve system is aware that information was obtained by exploiting a temporary vulnerability in a website vendor product,” a spokeswoman for the U.S. central bank said.
“Exposure was fixed shortly after discovery and is no longer an issue. This incident did not affect critical operations of the Federal Reserve system,” the spokeswoman added, saying that everyone impacted by the breach had been contacted.
The acknowledgement came after a message posted via the Twitter account OpLastResort, which is linked to Anonymous, said the group hacked the bank Saturday. “The technology news site ZDNet separately reported that Anonymous appeared to have published information said to [contain] the login information, credentials, internet protocol addresses and contact information of more than 4,000 US bankers,” The Guardian reported.
The bank would not say which site was attacked, but information provided to the bankers showed that it was a nonpublic database of contacts for use by banks during a natural disaster.
OpLastResort is a campaign that hackers associated with Anonymous started to protest against the government prosecution of Internet freedom activist Aaron Swartz, who killed himself last month to avoid a possible 31 years in jail for allegedly stealing more than 4 million articles from JSTOR, an online scholarly journal distribution and archive service.
—Posted by Alexander Reed Kelly.
A copy of the message sent by the bank to members of its Emergency Communication System (ECS) and obtained by Reuters warned that mailing address, business phone, mobile phone, business email and fax numbers had been published. “Some registrants also included optional information consisting of home phone and personal email. Despite claims to the contrary, passwords were not compromised,” the bank said.
The website’s purpose is to allow bank executives to update the Fed if their operations have been flooded or otherwise damaged in a storm or other disaster. That helps the bank assess the overall impact of the event on the banking system.
alexander amatosi (CC BY-ND 2.0)