Security News > 2021 > March > EU Banking Regulator Hit by Microsoft Email Hack
The European Banking Authority, a key EU financial regulator, says it has fallen victim to a hack of its Microsoft email system which the US company blames on a Chinese group.
Microsoft said last week that a state-sponsored group operating out of China was exploiting previously unknown security flaws in its Exchange email services to steal data from business and government users, believed to number in the tens of thousands so far.
"We have no indication to think that the breach has gone beyond our email servers."
The authority said the probe was still ongoing and that it has deployed additional security measures "In view of restoring the full functionality of the email servers".
The EBA had said in a previous statement on Sunday that it had taken its email systems offline as a precaution, noting that access to personal data held on servers "May have been obtained by the attacker".
Microsoft executive Tom Burt said last Tuesday that the company provided updates to fix the security flaws and urged customers to apply them.
News URL
Related news
- Microsoft fixes Outlook email sending issue for users with many folders (source)
- Over 5,000 Fake Microsoft Notifications Fueling Email Compromise Campaigns (source)
- Microsoft Detects Growing Use of File Hosting Services in Business Email Compromise Attacks (source)
- Microsoft Outlook bug blocks email logins, causes app crashes (source)
- Microsoft Exchange adds warning to emails abusing spoofing flaw (source)
- Microsoft 365 Admin portal abused to send sextortion emails (source)