ST. LOUIS—The Federal Reserve Bank of St. Louis has confirmed that it suffered a data breach related to users of its research services.
The FRB-St. Louis said the breach occurred in April, but it did not make a public announcement until May 18. According to the bank, hackers launched a phishing campaign against users of its research services by hijacking its domain name server settings to redirect visitors to sites that looked like those of the Federal Reserve Bank, but which were under the control of the hackers. The bank said it has contacted all users of its analysis tools and economic data regarding the breach, and that they will need to reset their log-ins on their next visit.
In a statement, the Federal Reserve Bank of St. Louis said the only site affected was its research.stlouisfed.org website, and not its primary site.
Analysts said the hackers were likely seeking to get the passwords and e-mail addresses of bankers and currency traders; both of which may be used by the same parties but elsewhere.