The European Banking Authority (EBA) said they were among the victims of an attack on the email system of global software giant Microsoft. Microsoft blamed the attack on a Chinese group.
Microsoft said last week that a state-sponsored group operating out of China had exploited a previously unknown vulnerability in Microsoft’s Exchange e-mail system to steal information from corporate and government users, believed to be in the tens of thousands.
Microsoft said the Hafnium group is a “highly skilled and savvy actor.
Hafnium has previously targeted U.S. institutions and businesses, including infectious disease research facilities, law firms, universities, defense contractors, think tanks, and nongovernmental organizations (NGOs).
The European Banking Authority issued a statement late last night confirming the attack on the email system. The EBA took its email system offline as a precaution.
In the statement, the EBA said, “The Agency immediately launched a full investigation and worked closely with information and communications (ICT) providers, forensic experts and other relevant entities.”
The EBA warned that personal data may have been compromised as a result of the hack and would provide advice on possible mitigation measures if necessary.
Microsoft director Tom Burt said on the 2nd that Microsoft has provided updated software to patch the security vulnerability and reminded customers to update.
“We know that many national actors and criminal groups will take advantage of the system is not fixed at the Time of action.”
Recent Comments