The European Banking Authority (EBA) is the latest victim of a large-scale cyberhacking attack connected to the Chinese regime against Microsoft’s email and calendar server.
Microsoft explained that the Hafnium hackers were using the flaws to access email accounts and install malware to “facilitate long-term access to victim environments.”
On March 7, the EBA, an EU financial regulator, announced that its email systems were compromised by the cyberattack.
“As the vulnerability is related to the EBA’s email servers, access to personal data through emails held on that servers may have been obtained by the attacker,” the EBA said in a statement.
On March 8, the organization released another statement saying that its investigation was ongoing.
“At this stage, the EBA email infrastructure has been secured and our analyses suggest that no data extraction has been performed and we have no indication to think that the breach has gone beyond our email servers,” it stated.
“This is an active threat,” said White House press secretary Jen Psaki on March 5. “Everyone running these servers—government, private sector, academia—needs to act now to patch them.”
“We are concerned that there are a large number of victims and are working with our partners to understand the scope of this,” Psaki added.
The FBI said on March 7 that it was “working closely with our interagency and private sector partners to understand the scope of the threat.”
On March 8, the U.S. Department of Homeland Security’s cybersecurity agency took to Twitter asking “all organizations across all sectors” to follow its guidelines to address vulnerabilities within their Microsoft Exchange Server software.
At a daily briefing on March 3, China’s foreign ministry spokesperson Wang Wenbin rejected Microsoft’s claims. He added that media and companies should not “make groundless accusations.”
There have been previously known Chinese cyberattacks against U.S. entities.