Cyber-attack on the European Banking Authority

  • News
  • 7 March 2021

The European Banking Authority (EBA) has been the subject of a cyber-attack against its Microsoft Exchange Servers, which is affecting many organisations worldwide. The Agency has swiftly launched a full investigation, in close cooperation with its ICT provider, a team of forensic experts and other relevant entities.

As the vulnerability is related to the EBA’s email servers, access to personal data through emails held on that servers may have been obtained by the attacker. The EBA is working to identify what, if any, data was accessed. Where appropriate, the EBA will provide information on measures that data subjects might take to mitigate possible adverse effects.

As a precautionary measure, the EBA has decided to take its email systems offline. Further information will be made available in due course.

When email communication channels are restored, our Data Protection Officer, Jonathan Overett Somnier, can be contacted at

For any urgent query, please contact the press line on +33 1 86 52 7052

Press contacts

Franca Rosa Congiu