The European Union Banking Authority’s email servers have been compromised. This is happening in a global Microsoft Exchange cyber attack.
The EU body says there is a possibility of personal data access from its servers. Moreover, it had pulled the whole email system offline while it assessed the damage.
The EBA is working on if there was any breach of data, it said.
Microsoft servers are broadly used for email by major businesses as well as the government. But few organisations are yet to admit to being hit by the cyber attack.
What occurred?
The cyberattack had exploited a vulnerability in Microsoft’s Exchange email system. Even seldom-used hijacked passwords to look like someone who should have entree to the system said Microsoft.
Then, it would take command of the system remotely and steal data from the network.
US officials warned in the weekend that the attack prevails an active threat.
Additionally, Microsoft believes that the attack is by a Chinese state-sponsored attacker called Hafnium. But China constantly denies the accusations.
Who is under attack?
Initial calculations hint that some 30,000 US organisations may have been affected by cyber attack. But there were now claims the cyber attack had at least 60,000 known victims. Bloomberg report, citing an anonymous former US official involved in the probe.
Microsoft’s security officials said Hafnium chiefly targets entities in the US. Stealing pieces of information such as law firms, infectious disease research, higher education institutions, defence contractors etc.
But cyber-security body Huntress stated it had seen 300 of its partner’s servers hit.
These companies do not flatly control Microsoft’s guidance. Some personas are small hotels, a kitchen appliance manufacturer, an ice-cream company, and other less sexy mid-market businesses.
It has also found affected the local government, health care, electricity companies, and bank.