People who thought they were logging on to a Federal Reserve research website were were actually handing their logon and passwords to a hacker one day last month, the Federal Reserve Bank of St. Louis said Monday.
The hackers may have tried to place malware on the victim’s computers, the Fed said. The hackers may also have tried to get victims to divulge other information through “phishing” tactics.
The hack affects people who visited the website on April 24, the Fed said. The hackers manipulated the settings at a domain server used by the Fed. Users were sent to a malicious site that mimicked the Fed’s own.
The hack affected people attempting to log on to the St. Louis Fed’s economic databases and research archives. Affected was the website research.stlouisfed.org which includes the sites for FRED, GeoFRED, ALFRED and FRASER.
The free databases are extremely popular with economists, academics, market researchers, journalists and others.
The Fed’s other websites were not compromised, the St. Louis Fed said in a notice to users Monday.
Users will be asked to change their passwords when next they log on to the Fed’s site.
Jim Gallagher • 314-340-8390