08.05.2013

Information from Bank Austria
Data protection breach after hacker attack

  • Hackers who attacked a portal server of Bank Austria read technical activity protocols.
  • Access to customer accounts or the execution of unauthorised transactions was not possible at any time.
  • The attack has been warded off in the meantime, access to internal bank servers was not possible.

From 4 to 6 May, Bank Austria was the target of a hacker attack. Hackers gained unauthorised access to a portal server and were able to read technical activity protocols (log files).

The attack has been warded off in the meantime, unauthorised access is no longer possible. The attack affected Internet Banking customers who will receive a message from Bank Austria in the communication centre the next time they log into Bank Austria Internet Banking. Internet Banking customers who do not receive the message were not affected, nor were customers who do not use Internet Banking services.

It is important to note that it was not possible at any time to access customer accounts or execute unauthorised transactions. The PINs required for access to accounts are not contained in the activity protocols. The hackers did not have access to internal bank servers at any time.

This means that any direct financial losses can be excluded. Bank Austria has set up specific monitoring procedures for all accounts concerned as an additional security measure.

Moreover, Bank Austria will file a complaint with the Austrian public prosecutor's office and inform the Austrian Financial Market Authority.

Enquiries: Bank Austria Media Relations Austria
Martin Halama, tel. +43 (0) 50505 - 52371
e-mail: martin.halama@unicreditgroup.at

Matthias Raftl, tel. +43 (0) 50505 - 52809
e-mail: matthias.raftl@unicreditgroup.at