The Federal Reserve confirmed that its computers suffered a temporary breach, but the problems were fixed immediately.
Internet hactivist group, Anonymous, claimed responsibility for posting the private and login information for the accounts of more than 4,000 executives in the financial industry as part of its Operation Last Resort.
A spokesperson for the Federal Reserve confirmed that its computers suffered a temporary breach, but it did not affect the critical operations of the agency. In an interview with the HuffPost, the spokesperson said, “Information was obtained by exploiting a temporary vulnerability in a website vendor product.” The problem was “fixed after discovery and is no longer an issue,” added the spokesperson, who requested his identity not to be disclosed.
Furthermore, the spokesperson emphasized that the claims of Anonymous were “over stated.”
Anonymous launched its campaign demanding changes in the U.S. crime laws and the investigation of “overzealous prosecutors,” after Aaron Swartz committed suicide due to depression. Swartz co-founded Reddit and was widely recognized for his campaign for open the public’s access to information. He was arrested in 2011 and was facing a 35-year jail sentence for allegedly hacking the network of the Massachusetts Institute of Technology (MIT) to download millions of academic articles.
The hactivist group tweeted about the data dump last Sunday. The message reads, “Now we have your attention America: Anonymous’s Superbowl Commercial 4k banker d0x via the FED.” Another tweet from the group said, “Yes we posted over 4000 U.S. bank executive credentials.”
Anonymou claimed that it posted almost 700 pages of documents containing approximately 4,600 records of people’s names, e-mails, institutions, IP addresses, login information and salted and hashed passwords obtained from the Federal Reserve System.
The hactivist group published the data on website of the Alabama Criminal Justice System via an HTML file with the title “oops-we-did-it-again.html.” Anonymous reposted the same file to a Chinese government website.
In 2010, the computers of the Federal Reserve was also hacked a Malaysian man who was involved in credit card scheme, but no data was accessed or compromised by the attack. In 2011, Federal Reserve web developers found a cross-scripting bug, which allows attackers to access to sensitive information by injecting malicious client side scripts. The bug was discovered in the Adobe ColdFusion software used by Federal Reserve Bank websites. Adobe released a patch to address four vulnerabilities identified in active attacks against users of the ColdFusion software.
Wiebke Lips, senior communications Manager of Adobe Systems Incorporated (NASDAQ:ADBE) did not provide specific comments regarding the recent hacking incident of the Federal Reserve’s System, according to HuffPost.
“These types of attacks are often referred to as zero-days because a fix is not available at the time of the attack. As soon as these vulnerabilities were reported to Adobe, we immediately addressed them in the software and provided the fix,” wrote Lips in an e-mail statement.