Internal site hacked, Federal Reserve confirms

Share this article:

Only days after Anonymous claimed it hacked the Federal Reserve to expose the personal information of 4,000 bank executives online, the Fed has admitted that intruders breached one of its internal websites.

A Federal Reserve spokeswoman on Tuesday confirmed with news service Reuters that a temporary vulnerability in a website vendor product was exploited, allowing hackers to access the Fed's data. The bug is now fixed.

The Fed wouldn't say which internal site or application was compromised, but Reuters obtained a copy of a message from the Fed that was sent to its Emergency Communication System (ECS) regarding the matter.

The message said passwords were not compromised in the hack, despite contrary reports, but that mailing addresses, business and mobile phone numbers, business emails and fax numbers from its site were published online.

According to Anonymous, its dump included the personal data of financial institution employees – including CEOs, presidents, CFOs, IT management, loan officers and secretaries. Data alleged to be the first and last names of employees was posted online, along with individuals' addresses, titles, names of their financial institution, email addresses, IP addresses, login IDs and hashed passwords.

On Sunday, Anonymous tweeted about the incident, plainly stating that the data came from the Fed, the country's central bank. The data was posted on the website of the Alabama Criminal Justice Information Center (ACJIC), a clearinghouse of criminal records and statistics for the state. The page on ACJIC's site has since been removed.

“Now we have your attention America,” the Sunday tweet from Anonymous read. “Anonymous's Super Bowl commercial, 4k banker dox via the Fed.”

Share this article:

Sign up to our newsletters

More in News

$4 billion breach suit against Sutter Health dismissed

The ruling comes nearly three years after a computer theft occurred at the organization.

More charged for roles in three separate Android app piracy groups

Indictments unsealed in the Northern District of Georgia on Monday charge members of three separate Android app piracy groups.

Angler Exploit Kit delivers Tor-using Critroni ransomware

The command-and-control for a new ransomware identified by Microsoft as Critroni is hidden on the Tor network.