The European Banking Authority, a key EU financial regulator claims it has been hacked into its Microsoft email system which Microsoft attributes to a Chinese party. Microsoft announced last week that a state sponsored organisation based in China was leveraging previously undisclosed security attack in its Exchange email services to steal data from thousands of businesses and government users.
It described the Hafnium community as a highly skilled and sophisticated actor. Hafnium has previously threatened the US-based businesses such as infectious disease researcher’s law firms, universities, defence contractors, think tanks and non-governmental organisations according to astatement.
The EBA acknowledged the attack on its email systems in a statement released late Sunday, saying it had decided to take them offline as a precautionary measure. In close collaboration with its ICT supplier, a team of forensic experts and other related bodies, the agency has quickly initiated a full investigation.
Personal data may have been accessed as a result of the attack, according to the EBA, which said it would provide guidance on potential preventive steps if required.Microsoft executive Tom Burt, last Tuesday said that the company had released updates to address the security bugs and encouraged customers to install them.
He said, “We know that many nation-state actors and criminal organisations will move rapidly to exploit any unwatched systems. Beijing has a habit of dismissing US hacking allegations outright, and it chastised Washington last year after allegations that Chinese hackers were attempting to steal corona virus research”.
