Hackers took over part of the St. Louis Federal Reserve’s website last month to redirect users to fake pages, potentially subjecting visitors seeking economic data and research to malware and phishing attacks, the bank said Monday.
On April 24, attackers took over the domain name service used by the St. Louis Fed to “redirect some of the Bank’s web traffic that day to rogue Web pages they created to simulate the look of the St. Louis Fed’s research.stlouisfed.org website,” a spokesperson for the institution said in a statement. That means people who logged in gave up their credentials to hackers.
Users will be prompted to change their passwords the next time they log in to the research systems, according to the statement. The St. Louis Fed sent a notice to people who have active accounts for the databases Monday morning.