St. Louis Fed says research section hacked

The St. Louis branch of the Federal Reserve Bank has acknowledged that hackers manipulated settings on its website for research data, but that the central bank itself was not compromised.

In a statement this week, the St. Louis Fed, one of 12 regional centers for the US , said the incident took place April 24.

The statement said "hackers manipulated routing settings at a (DNS) vendor used by the St. Louis Fed so that they could automatically redirect some of the Bank's web traffic that day to rogue webpages they created to simulate the look of the St. Louis Fed's website."

According to the statement, anyone who was redirected to one of these phony websites "may have been unknowingly exposed to vulnerabilities that the hackers may have put there, such as phishing, malware and access to user names and passwords."

The statement dated Monday said "the St. Louis Fed's website itself was not compromised" but that it was urging anyone visiting the affected website to reset passwords "out of an abundance of caution."

Online security blogger Brian Krebs said that while it was unclear where the attacks came from, "it seems likely that it is related to state-sponsored hacking activity from a foreign adversary."

He added that if the attack also compromised email accounts from the institution "this could be a much bigger deal."

Explore further

European Central Bank hit by data theft

© 2015 AFP

Citation: St. Louis Fed says research section hacked (2015, May 20) retrieved 13 November 2019 from
This document is subject to copyright. Apart from any fair dealing for the purpose of private study or research, no part may be reproduced without the written permission. The content is provided for information purposes only.

Feedback to editors

User comments