The Federal Reserve recorded more than 50 online breaches between 2011 and 2015, with several incidents described internally as "espionage," according to internal cybersecurity reports.
The reports show a barrage of attacks on the Fed's computer systems, which play a critical role in global banking and hold secret information on discussions about monetary policy that drives financial markets.
The records, obtained through a Freedom of Information Act request, were heavily redacted by Fed officials to keep secret the central bank's security procedures.
The files obtained by Reuters suggest hackers were behind many of the Fed's breaches. For eight incidents of information disclosure between 2011 and 2013 — a time when the Fed's trading desk was buying massive amounts of bonds — Fed staff wrote that the cases also involved "malicious code." That is the term used by industry analysts and the Department of Homeland Security to describe software used by hackers to access computer systems.
Two hacking incidents in 2012 involved both information disclosure and "espionage," according to the records. Two additional hacking incidents that year were considered cases of espionage but not information disclosure.
The Fed's Board of Governors provided 310 cybersecurity reports in response to the public records request, which asked for all cybersecurity incident reports from the four years through October 2015. Hacking attempts were cited in 140 of the reports, which also covered incident types like equipment theft or loss.
The records gave no indication that any money was stolen in attacks on the Fed.
But the disclosure of hacking attempts on the U.S. central bank comes at a time when cybersecurity at central banks worldwide is under scrutiny. Bank Bangladesh lost $81 million when thieves used a global financial messaging system to make fraudulent transfers from that bank's account at the New York Fed.
Hackers are targeting large financial institutions around the world, including America's largest bank JPMorgan, as well as smaller players like Ecuador's Banco del Austro and Vietnam's Tien Phong Bank.
The Fed declined to comment, and the records do not say who hacked the bank's system or whether they accessed sensitive information.