The Federal Reserve has admitted it wasÂ hacked by Anonymous as the group ‘takes revenge’ for suicide of Reddit founderÂ Aaron Swartz.
The admission, which raises questions aboutÂ cyber security at the Fed, follows a claim that hackers linked to the activistÂ group Anonymous had struck the Fed on Sunday, accessing personal information ofÂ more than 4,000 U.S. bank executives, which it published on the Web.
Swartz, 26, killed himself on January 11,Â just a month before he was set to go on trial in Boston for thirteen felonyÂ charges.
Family and friends of Swartz, who helpedÂ create Reddit and RSS, say he killed himself after he was hounded by federalÂ prosecutors.
Officials say he helped post millions ofÂ court documents for free online and that he illegally downloaded millions ofÂ academic articles from an online clearinghouse.
Today a Fed spokeswoman said ‘The Federal Reserve system is aware that informationÂ was obtained by exploiting a temporary vulnerability in a website vendorÂ product.’
‘Exposure was fixed shortly after discoveryÂ and is no longer an issue. This incident did not affect critical operations ofÂ the Federal Reserve system,’ the spokeswoman said, adding that all individualsÂ effected by the breach had been contacted.
Technology news site ZDNet separatelyÂ reported that Anonymous appeared to have published information allegedlyÂ containing the login information, credentials, internet protocol addresses andÂ contact information of more than 4,000 U.S. bankers on SundayÂ night.
The claim was made via Twitter over anÂ account registered to OpLastResort, which is linked to Anonymous, a looselyÂ organized group of hacker activists who have claimed responsibility for scoresÂ of attacks on government and corporate sites over the past several years.
OpLastResort is a campaign that some hackersÂ linked to Anonymous have started to protest government prosecution of computerÂ prodigy Aaron Swartz, who committed suicide on Jan. 11.
The Fed declined to identify which websiteÂ had been hacked. But information that it provided to bankers indicated that theÂ site, which was not public, was a contact database for banks to use during aÂ natural disaster.
A copy of the message sent by the Fed toÂ members of its Emergency Communication System (ECS), which was obtained byÂ Reuters, warned that mailing address, business phone, mobile phone, businessÂ email, and fax numbers had been published.
‘Some registrants also included optionalÂ information consisting of home phone and personal email. Despite claims to theÂ contrary, passwords were not compromised,’ the Fed said.
The central bank separately confirmed theÂ authenticity of the message to ECS members.
The website’s purpose is to allow bankÂ executives to update the Fed if their operations have been flooded or otherwiseÂ damaged in a storm or other disaster.
That helps the Fed to assess the overallÂ impact of the event on the banking system.
Last month the hacker-activist group hijackedÂ the website of the U.S. Sentencing Commission to avenge theÂ death.