Confirmed: Hackers attacked St. Louis Federal Reserve Bank

20 May, 2015 04:22 / Updated 9 years ago

A cyberattack on the Federal Reserve Bank of St. Louis last month compromised the bank’s domain name and routed web traffic to rouge websites created by the hackers that simulated the original, the bank confirmed this week.

Bank officials said in a statement on Monday that while the hackers didn’t compromise its website, they did manipulate the bank’s routing on April 24.

READ MORE: Ex-US govt. employee accused of trying to steal nuke secrets

"As is common with these kinds of DNS (domain name service) attacks, users who were redirected to one of these phony websites may have been unknowingly exposed to vulnerabilities that the hackers may have put there, such as phishing, malware and access to user names and passwords," the Fed statement said.

The statement added that those people who attempted to access the research.stlouisfed.org website on April 24 might have exposed their account name and password to hackers. As a precaution, users will be asked to change their password the next time they log onto the website.

[In] the event that your user name and password are the same or similar as those you use for other websites, we highly recommend…a strong, unique and different password for each of your user accounts on the Internet,” said the statement.

READ MORE: DoJ, security experts warn of increasing overseas cyberattacks

Hackers regularly target US government agencies and websites, most recently at the White House, State Department, United States Postal Service, and National Oceanic and Atmospheric Administration, according to Reuters.

Security experts think hackers may have secured bankers and currency traders’ email addresses and passwords, which could be used in future attacks.

Great way to phish the password and email addresses of bankers and currency traders,” Dave Jevans, chairman of the Anti-Phishing Working Group, told The New York Times. “Since people reuse passwords, this is a ready font of juicy data to attack all users of the Fed’s data.”