The European Banking Authority, a major EU financial regulator, becomes another victim of flaws in Microsoft Exchange Servers. The banking authority reported a hack of its Microsoft email system. Microsoft attributes the attack to a China-linked group of hackers.
The EBA had turned off its email systems as a precaution, saying that personal data hosted on servers “may have been obtained by the attacker.”
It was last weak that Microsoft reported a chain of attacks originating out of China. It attributed them to Hafnium, a new hacker group that had been exploiting new security flaws in Microsoft’s Exchange email services.
The attackers managed to steal data from business and government entities. The victims are counted in the tens of thousands by the time of writing. The number rose quickly from 30,000 to 60,000 just in a couple of days, according to a former senior US official involved in the investigation, Yahoo reports.
Hafnium is a “highly skilled and sophisticated actor,” Microsoft said. It previously targeted US-based companies including COVID-related researchers, law firms, universities, defense contractors, and NGOs.
The newest victim of Hafnium, the EBA, said in a statement on Monday that its investigation had found no sign of data theft.
“At this stage, the EBA email infrastructure has been secured and our analyses suggest that no data extraction has been performed,” the banking institution said and added that no other systems had been impacted: “We have no indication to think that the breach has gone beyond our email servers.”
The EBA said the investigation was still ongoing and that it took additional security measures and is “restoring the full functionality of the email servers.”
On Tuesday, following the recent incidents involving flawed Exchange Servers, Microsoft issued several software updates and urged all customers to immediately apply them because “many nation-state actors and criminal groups will move quickly to take advantage of any unpatched systems.”
As usually the case is, Beijing rejects US hacking charges and allegations that Chinese hackers were attempting to steal US companies’ data and data related to coronavirus research.
In a statement on Tuesday, Microsoft said the Hafnium attacks were not connected to the SolarWinds attacks.