Cyber-robbers hack European Central Bank's... website The European Central Bank has written to 20,000 people to warn them their personal data may have been stolen during a huge cyber-heist. ECB said crooks had attempted to extort money from the bank after hacking into a database containing email addresses, phone numbers and addresses of people who had registered to attend events …
"The bank said it first discovered the theft when it received an anonymous email asking for cash in exchange for the data cache. It stressed no "market sensitive data" was compromised and said "data security experts have addressed the vulnerability".
Well I doubt many would think they know very much about what makes an expert and what doesn't after this...
"No critical systems were accessed, the bank claimed, and the hacked site was linked to its public database, which is separate from any internal system."
... and there is just NO WAY anyone can believe this, given the first paragraph above- ie. that they only found out about this simple hack when spammed by a vendor peddling the very data they made available, somehow!
Bank: Give us some personal data so we can verify you
Punter: But you cannot be trusted not to distribute it...
Bank: We can't verify you without it
Punter: But my other Bank has this data already, and lost it, so many people know it. How will you know I'm not them?
Bank: Well we can't help you
Punter: You mean you're not prepared to apply reasonable security and data management practices
Bank: We use industry standard encryption
Punter: ...and lose the data anyway...
Bank: We don't pay for personal data, most people give it to us freely.
Punter: And security tokens are expensive, and do not feature plausible deny-ability...
The Register 
Biting the hand that feeds IT
Copyright. All rights reserved © 1998–2024
