The Reserve Bank of New Zealand has disclosed that it suffered cyber attack and that it had begun responding with urgency to a breach of one of its data systems.
It disclosed that during the attack, a third-party file-sharing service used by the central bank to share and store some sensitive information was illegally accessed.
The Central Bank Governor, Adrian Orr, said that the Sunday attack had been contained but added that it would take time to understand the full implications of the breach and what information was accessed by the criminals.
“The nature and extent of information that has been potentially accessed is still being determined, but it may include some commercially and personally sensitive information,” Orr said in a statement on Sunday morning.
It would be recalled thay in last year August, the operator of New Zealand’s stock exchange was hit by cyberattacks. InPhySec, an independent cybersecurity firm tasked with reviewing the cyber attacks, said that the volume, sophistication and persistence of the attacks were unprecedented for New Zealand.
In a November 2019 Financial Stability report, the RBNZ warned that the frequency and severity of cybersecurity incidents were on the rise in New Zealand.
In February of last year, the bank said in a report that the expected cost of cyber incidents for the banking and insurance industry was between NZD80 million ($58 million) and NZD140 million per year.
“More extreme events have a low probability but are still plausible,” the bank said in that report.