WELLINGTON (Reuters) – The Reserve Bank of New Zealand said on Sunday that it was immediately responding to a breach in one of its data systems.
A third-party file-sharing service used by the central bank to share and store certain sensitive information, the bank said in a statement.
RBNZ Governor Adrian Orr said that the breech was contained, but it would take time to understand the full implications of this breech.
“The nature and extent of potentially accessed information is still being determined, but may include some commercially and personally sensitive information,” Orr said in a statement.
In August, the operator of the New Zealand Stock Exchange received a setback for the cyber attack. InPhySec, which worked as an independent cyber security firm to review cyber attacks, said the amount, sophistication and persistence of the attacks were unprecedented for New Zealand.
In the Financial Stability Report of November 2019, RBNZ warned that the frequency and severity of cyber security incidents in New Zealand were increasing.
In February last year, the bank said in a report that the expected cost of cyber incidents for the banking and insurance industry was between NZD80 million ($ 58 million) and NZD140 million per year.
“The likelihood of more extreme events is low but still plausible,” the bank said in that report.
($ 1 = 1.3808 New Zealand dollars)
Reporting by Praveen Menon and Lydia Kelly in Wellington, Melbourne; Editing by William Mallard