Skip to content

Reserve Bank of New Zealand says it wasn’t directly targeted in cyber attack

Reserve Bank of New Zealand says it wasn’t directly targeted in cyber attack

Navigation for News Categories

The Reserve Bank of New Zealand was not the direct target of a cyber attack that breached its data systems, it says.

Reserve Bank building.

The Reserve Bank building in Wellington.
Photo: RNZ

On Sunday, the RBNZ revealed it was responding to a data breach of a third party file sharing system it used to share and store sensitive information.

In an update, RBNZ governor Adrian Orr said the breach was the result of the third party provider, Acellion, being hacked.

Acellion is a Californian based software firm which provides secure file sharing services.

“We have been advised by the third party provider that this wasn’t a specific attack on the Reserve Bank, and other users of the file sharing application were also compromised,” Orr said.

The compromised data may include some commercially and personally sensitive information but it would take time before RBNZ could be certain.

The new development came after a cyber security expert suggested the RBNZ was likely hacked by another government.

“We are actively working with domestic and international cyber security experts and other relevant authorities as part of our investigation,” Orr said.

“This includes the GCSB’s National Cyber Security Centre which has been notified and is providing guidance and advice.”

RNZ has learned that minister of finance Grant Robertson had been informed about the attack and was keeping a close eye on the situation.

Reserve Bank governor Adrian Orr.

Adrian Orr.
Photo: RNZ / Dom Thomas

Orr said he understood the high level of public interest in the data breach but was not in a position to release any further details.

“Providing any further details at this early stage could adversely affect the investigation and the steps being taken to mitigate the breach.”

The RBNZ is charged with overseeing the country’s monetary policy and supporting the financial system as a whole.

In October, the bank announced it was taking steps to ensure retail banks and other regulated financial services improved their cyber security.

It released a draft guidance, which would apply to the financial entities it regulated, and draws heavily from international cyber security standards.

Last May, RBNZ said in a discussion document its cyber security systems were not up to scratch and there was a “high operational risk due technical obsolescence and an underinvestment in security across many of the core technology platforms”.

It said it wanted to lower operational risk by a “phased migration to resilient platforms underpinning our business”.

Get the RNZ app

for ad-free news and current affairs
Download from Apple App Store
Download from Google Play Store

XL subscribe to our newsletter banner

Get the latest news and advice on COVID-19, direct from the experts in your inbox. Join hundreds of thousands who trust experts by subscribing to our newsletter.

Send your news and stories to us or and WhatsApp: +447747873668.

Before you go...

Democratic norms are being stress-tested all over the world, and the past few years have thrown up all kinds of questions we didn't know needed clarifying – how long is too long for a parliamentary prorogation? How far should politicians be allowed to intervene in court cases? To monitor these issues as closely as we have in the past we need your support, so please consider donating to The Climax News Room.

Leave a Reply

Your email address will not be published. Required fields are marked *

Privacy Policy Designed using Unos Premium. Powered by WordPress.