WELLINGTON (Reuters) – The Reserve Bank of New Zealand said on Sunday it will respond urgently to a breach of one of its data systems.
A third-party file-sharing service used by the central bank to share and store certain sensitive information was opened illegally, the bank said in a statement.
RBNZ Governor Adrian Orr said the breach was limited but added that it would take time to understand the full implications of this breach.
“The nature and extent of information that may have been accessed is still being determined, but it may contain commercially and personally sensitive information,” Orr said in a statement.
In August, the New Zealand Stock Exchange operator was hit by cyber attacks. InPhySec, an independent cybersecurity company tasked with assessing the cyber attacks, said the volume, sophistication and persistence of the attacks were unprecedented for New Zealand.
In a November 2019 Financial Stability report, the RBNZ warned that the frequency and severity of cyber incidents in New Zealand is increasing.
In February last year, the bank said in a report that the projected cost of cyber incidents to the banking and insurance industry is between NZD 80 million ($ 58 million) and NZD 140 million per year.
“More extreme events have a low probability, but are still plausible,” the bank said in that report.
($ 1 = 1.3808 New Zealand dollars)
Reporting by Praveen Menon in Wellington and Lidia Kelly in Melbourne; Editing by William Mallard