Navigation for News Categories
Reserve Bank governor Adrian Orr.
Photo: RNZ / Dom Thomas
The central bank revealed on Sunday that a third-party service it uses to share and store sensitive information, known as Accellion, was illegally accessed.
Yesterday, the bank’s Governor Adrian Orr confirmed it was not the target of a specific hack, rather its data was compromised when Accellion’s File Transfer Appliance (FTA) software defences was breached.
He said the data that was accessed may include commercially and personally sensitive information but it was too early to be certain.
However, it has been revealed the Reserve Bank was made aware of an issue in its FTA software it uses from Accellion in mid-December.
A spokesperson for Accellion said it notified customers after it discovered a “P0” vulnerability in FTA.
P0 is a triage term used by the technology sector to identify the most serious issues.
“Accellion resolved the vulnerability and released a patch within 72 hours to the less than 50 customers affected.”
The RBNZ has been asked to confirm when it downloaded the patch.
Accellion provided no further detail about the nature of the breach, who was behind it or what data was accessed.
It did, however, refer to FTA as a “legacy product” and encouraged its customers to update to Kiteworks, which is the technology company’s premier file transfer product.
Accellion said Kiteworks provided the highest level of security.
Get the RNZ app
for ad-free news and current affairs
Send your news and stories to us firstname.lastname@example.org or email@example.com and WhatsApp: +447747873668.
Before you go...
Democratic norms are being stress-tested all over the world, and the past few years have thrown up all kinds of questions we didn't know needed clarifying – how long is too long for a parliamentary prorogation? How far should politicians be allowed to intervene in court cases? To monitor these issues as closely as we have in the past we need your support, so please consider donating to The Climax News Room.