U.S. Federal Reserve confirmed the breach of one of its internal websites by the hands of Anonymous hackers, but denied that the file containing personal information of over 4,000 U.S. bank executives the attackers made available for download contained passwords.
Following the discovery of the compromise, which happened due to the exploitation of a “temporary vulnerability in a website vendor product,” the affected individuals were contacted and warned about potential risks.
The file apparently contained names, mailing addresses, business phone and mobile phone numbers, business email addresses, and fax numbers.
“Some registrants also included optional information consisting of home phone and personal email. Despite claims to the contrary, passwords were not compromised,” a Federal Reserve spokesman stated for Reuters.
“Exposure was fixed shortly after discovery and is no longer an issue. This incident did not affect critical operations of the Federal Reserve system,” he added.
It is unknown which website was hacked, but the stolen data apparently consisted of a contact database for banks to use during a natural disaster.
The Federal Reserve website is the last target of Anonymous’ OpLastResort. Initiated last week as a reaction to the U.S. government’s role in the suicide of Internet activist Aaron Swartz, it already resulted in the hacks of the websites belonging to the U.S. Sentencing Commission, the Eastern District of Michigan U.S. Probation Office, and the Alabama Criminal Justice Information Center, where the stolen file was initially hosted.