The European Central Bank (ECB) has had its website hacked, with sensitive personal information including email addresses and contact data stolen.
The ECB received an anonymous call on Monday night requesting money in return for the stolen data. The bank didn't say how much the blackmailer asked for, but did say that it refused to pay anything.
According to the bank's website, the theft was from a database "separate from any internal system" and no market-sensitive data was stolen.
The database serves parts of the ECB website that gather registrations for events such as ECB conferences and visits. It is physically separate from any internal ECB systems.
A statement on the website said:
The theft came to light after an anonymous email was sent to the ECB seeking financial compensation for the data. While most of the data were encrypted, parts of the database included email addresses, some street addresses and phone numbers that were not encrypted. The database also contains data on downloads from the ECB website in encrypted form.
The ECB is contacting people whose email addresses or other data might have been compromised and all passwords have been changed on the system as a precaution.
The ECB takes data security extremely seriously. German police have been informed of the theft and an investigation has started.
ECB data security experts have addressed the vulnerability.