The United States Federal Reserve has admitted that it lost confidential data after its computer systems were hacked on Sunday, shortly after which Internet activist group Anonymous published personal information of more than 4,000 U.S. bank executives.
Facing serious questions about the cyber security of its data, the Fed admitted to Reuters news agency that it was “aware that information was obtained by exploiting a temporary vulnerability in a website vendor product.
A Fed spokeswoman added, “Exposure was fixed shortly after discovery and is no longer an issue. This incident did not affect critical operations of the Federal Reserve system.” She further noted that all individuals affected by the breach had been contacted.
In a spreadsheet that Anonymous published on the Alabama Criminal Justice Information Centre login information and credentials, IP addresses, and contact information of American bank executives could be found, reports noted.
Anonymous claimed responsibility for Tuesday’s hack of the Fed via its Twitter account registered to OpLastResort, a campaign to protest government prosecution of Internet activist Aaron Swartz. Mr. Swartz killed himself on January 11 following his indictment by the U.S. government on the charge of illegal distribution of copyrighted data.
In a tweet the group said, “Now we have your attention America: Anonymous's Superbowl Commercial 4k banker d0x via the FED.” URL for the published data was titled, “oops-we-did-it-again.” By Wednesday the link only led to a “404 – File or directory not found” server error message. The AJIC website however otherwise appeared functional.
It is possible that the data posted pertains to emergency response databases of the government banking system and could include contact information and cell phone numbers for U.S. bank Presidents, Vice Presidents, Chief Operating Officers, Branch Managers and more.
The latest attack is only one of a serious of similar hacks and comes in the wake of the U.S. Department of Energy admitting on Monday that it was the target of a cyber attack in January. While stating that no classified data was compromised during the episode, the DEA reportedly said that it “resulted in the unauthorised disclosure of employee and contractor personally identifiable information.”
The ‘hacktivist’ group also said it was behind recent attacks on the U.S. Sentencing Commission and the Eastern District of Michigan Probation Office.