New Zealand’s central bank said Sunday that one of its data systems has been breached by an unidentified hacker who potentially accessed commercially and personally sensitive information.
The breach emerges about four months after cyberattacks forced New Zealand’s stock exchange to halt trading for four consecutive days.
The Wellington-based bank said in a statement,” A third-party file sharing service used by the Reserve Bank of New Zealand, to share and store sensitive information had been illegally accessed”.
It’s uncertain when the breach took place, the nature of the information accessed, who was responsible for the attack and in which country is the file-sharing service-based.
The nature and extent of information that has been potentially accessed are still being determined, but it may include some commercially and personally sensitive information, says Governor Adrian Orr.
The system had been secured and taken offline until the bank completes its initial investigations.
Professor of computer science at Auckland University, Dave Parry, says that another government was likely behind the bank data breach.
“Ultimately if you were coming from a kind of criminal approach, government agencies aren’t going to pay your ransom or whatever, so you’re more interested in people who are probably coming from government to government level,” Parry said.
Finally, Governor Adrian Orr declares that “The breach has been contained and the bank’s core functions “remain sound and operational”.
Orr continued saying that they are working closely with domestic and international cybersecurity experts and other relevant authorities as part of investigation and response to this malicious attack.
“It will take time to understand the full implications of this breach and we are working with system users whose information may have been accessed”.