The European Central Bank said on Thursday that email addresses and other contact information have been stolen from a database that serves its public website, though it stressed that no internal systems or market-sensitive data were compromised.
The security breach involved a database serving part of the website that gathers registrations for ECB conferences and other events, the Frankfurt-based central bank for the 18 nations that share the euro said in a statement.
Although most of the information on the database was encrypted, email addresses and other contact information left by people who registered were stolen, the bank said.
ADVERTISEMENT
About 20,000 email addresses may have been compromised, along with a much smaller number of phone numbers and street addresses.
The ECB discovered the theft when it received an anonymous email on Monday night seeking money for the data.
It said it informed German police and an investigation has started, but could not say when the theft is believed to have happened or how much money was demanded.
ADVERTISEMENT
The targeted database is physically separate from the ECB’s internal systems, according to the bank. It is contacting people whose data might have been compromised.
The bank’s data security experts “have addressed the vulnerability” and all passwords on the system have been changed as a precaution, the ECB said.