18 December 2017
visit www.aciworldwide.com

St Louis Fed confirms DNS hijack

19 May 2015  |  2036 views  |  0 Source: St Louis Fed

The following notification information was emailed today to individuals who have an active user account for our publicly available economic data and analysis tools (FRED, FRASER, GeoFRED, ALFRED), which are available on our research division’s public website.

The Federal Reserve Bank of St. Louis has been made aware that on April 24, 2015, computer hackers manipulated routing settings at a domain name service (DNS) vendor used by the St. Louis Fed so that they could automatically redirect some of the Bank’s web traffic that day to rogue webpages they created to simulate the look of the St. Louis Fed’s research.stlouisfed.org website, including webpages for FRED, FRASER, GeoFRED and ALFRED.

As is common with these kinds of DNS attacks, users who were redirected to one of these phony websites may have been unknowingly exposed to vulnerabilities that the hackers may have put there, such as phishing, malware and access to user names and passwords.

These risks apply to individuals who attempted to access the St. Louis Fed’s research.stlouisfed.org website on April 24, 2015. If you attempted to log into your user account on that date, it is possible that this malicious group may have accessed your user name and password.

The St. Louis Fed’s website itself was not compromised.

Out of an abundance of caution, we wanted to alert you to this issue, and also make you aware that the next time you log into your user account, you will be asked to change your password. In addition, in the event that your user name and password are the same or similar as those you use for other websites, we highly recommend that you follow best practices and use a strong, unique and different password for each of your user accounts on the Internet. 

Comments: (0)

Comment on this story (membership required)

Related company news

 

Related blogs

Create a blog about this story (membership required)
visit www.aciworldwide.comvisit www.response.ncr.comvisit www.thomsonreuters.info

Top topics

Most viewed Most shared
satelliteRipple completes XRP Lockup
11286 views comments | 3 tweets | 3 linkedin
Banks tap Ethereum smart contracts for MiFID II complianceBanks tap Ethereum smart contracts for MiF...
10261 views comments | 21 tweets | 24 linkedin
Banks and fintech startups join forces on blockchain-based supply chain pilotBanks and fintech startups join forces on...
7790 views comments | 19 tweets | 22 linkedin
Digital banking startup Loot secures £2.2 million seed roundDigital banking startup Loot secures £...
7500 views comments | 5 tweets | 11 linkedin
Nordea takes Open APIs into live productionNordea takes Open APIs into live productio...
7432 views comments | 6 tweets | 26 linkedin

Featured job

Competitive
Germany, Austria or Switzerland

Find your next job