Menu
Hacked Reserve Bank acknowledged under-investment in cyber security last year

Hacked Reserve Bank acknowledged under-investment in cyber security last year

File sharing system containing confidential information has been accessed

Credit: Marguerite Hill

The Reserve Bank of New Zealand - Te Pūtea Matua, which revealed a breach of sensitive data yesterday, acknowledged a series of cyber security shortcomings in a consultation document last year.

Consulting on planned changes to improve IT services including data security, the bank reported it was at "high operational risk" due to technical obsolescence and an underinvestment in security across many of its core technology platforms.

It also said staff lacked the modern digital tools, data and systems required to effectively collaborate and to support informed decision making.

The bank noted its then digital services operating model made it hard for the business to engage with IT, struggled to meet current business demand and had unclear accountabilities.

The document outlined a plan to change structures and accountabilities within its digital services team to address the issues starting around the middle of 2020.

Yesterday, the bank said it was responding with urgency to a breach of a third party file sharing service used by to share and store some sensitive information.

Governor Adrian Orr said information had been illegally accessed but the breach had been contained and the bank was treating the matter with the "highest priority, and acting with urgency".

The name of the file sharing application was withheld from yesterday's announcement, however, the consultation document noted a system called Kiteworks, from California-based Accellion, was being used for file sharing as of last May.

Reseller News has asked the bank whether or not this was the system breached, among other questions. (Update: it now appears the breach was of a legacy Accellion file sharing system called File Transfer Application - FTA, not Kiteworks.)

In response, a spokesperson said the bank would not comment on the third party application involved and a further announcement was being considered, perhaps later today.

“We are working closely with domestic and international cyber security experts and other relevant authorities as part of our investigation and response to this malicious attack," Orr said in his statement yesterday.

"The nature and extent of information that has been potentially accessed is still being determined, but it may include some commercially and personally sensitive information.

“The system has been secured and taken offline until we have completed our initial investigations."

Orr said it would take time to understand the full implications of the breach, and the bank was working with system users whose information may have been accessed.

File sharing is widely acknowledged as an area of significant cyber security risk.


Follow Us

Join the newsletter!

Or

Sign up to gain exclusive access to email subscriptions, event invitations, competitions, giveaways, and much more.

Membership is free, and your security and privacy remain protected. View our privacy policy before signing up.

Error: Please check your email address.

Tags hackinghackfile sharingReserve Bank of New Zealandcyber securityRBNZ

Brand Post

Featured

Slideshows

The Kiwi channel gathers for the 2020 Reseller News Women in ICT Awards

The Kiwi channel gathers for the 2020 Reseller News Women in ICT Awards

Hundreds of leaders from the New Zealand IT industry gathered at the Hilton in Auckland on 17 November to celebrate the finest female talent in the Kiwi channel and recognise the winners of the Reseller News Women in ICT Awards (WIICTA) 2020.

The Kiwi channel gathers for the 2020 Reseller News Women in ICT Awards
Leading female front runners honoured at the 2020 Reseller News Women in ICT Awards

Leading female front runners honoured at the 2020 Reseller News Women in ICT Awards

The leading female front runners of the New Zealand ICT industry joined together for the annual Reseller News Women in ICT Awards event at the Hilton in Auckland, during which hundreds of guests celebrated 13 outstanding individuals who won awards, chosen from more than 50 finalists representing over 30 organisations.

Leading female front runners honoured at the 2020 Reseller News Women in ICT Awards
Channel gathers to celebrate the Reseller News Innovation Awards 2020 winners

Channel gathers to celebrate the Reseller News Innovation Awards 2020 winners

More than 500 channel leaders gathered in Auckland on 21 October at the ​Reseller News Innovation Awards ​2020 to celebrate the achievements of the New Zealand technology industry's top partners, start-ups, vendors, distributors and individuals.

Channel gathers to celebrate the Reseller News Innovation Awards 2020 winners
Show Comments