FRANKFURT (Reuters) – The European Banking Authority on Monday said it had been targeted by hackers, although no data had been obtained and it was redoubling efforts to shield itself amid a global cyber attack exploiting flaws in Microsoft’s mail server software.
The European Union’s banking regulator, which gathers and stores swathes of sensitive data about banks and their lending, said it believed the cyber attack had struck only its email servers.
It is the latest prominent victim among tens of thousands of organisations in Asia and Europe targeted in a campaign which Microsoft Corp says makes use of previously undetected vulnerabilities in different versions of its mail server software.
The hacks are continuing despite emergency patches issued by Microsoft, which has said it is working with government agencies and security companies to help customers.
However, one scan of connected devices showed only 10% of those vulnerable had installed the patches by Friday, though the number was rising.
Microsoft and a person working with the U.S. response blamed the initial wave of attacks on a Chinese government-backed actor. A Chinese government spokesman said the country was not behind the intrusions.
What started as a controlled attack late last year against a few classic espionage targets grew last month to a widespread campaign. More attacks are expected from other hackers as the code used to take control of the mail servers spreads.
All of those affected appear to run Web versions of email client Outlook and host them on their own machines, instead of relying on cloud providers.
(Reporting By John O’Donnell; Editing by Kirsten Donovan)