Wellington (Reuters)-The Reserve Bank of New Zealand said on Sunday that it is responding urgently to violations of one of its data systems.
The bank said in a statement that it illegally used a third-party file sharing service that the central bank uses to share and store sensitive information.
The governor of the Bank of New Zealand, Adrian Orr, said that the violation has been contained, but he added that it will take some time to fully understand the meaning of the violation.
“The nature and scope of the possible information is still being determined, but it may include some commercial and personal sensitive information,”
In August, the operator of the New Zealand Stock Exchange was attacked by a cyber attack. InPhySec, an independent cyber security company responsible for reviewing cyber attacks, said that for New Zealand, the number, complexity and persistence of attacks are unprecedented.
In the November 2019 Financial Stability Report, the Bank of New Zealand warned that the frequency and severity of cybersecurity incidents in New Zealand is increasing.
In February last year, the bank stated in a report that the expected cost of cyber incidents in the banking and insurance industry ranged from 80 million New Zealand dollars (58 million US dollars) to 140 million New Zealand dollars per year.
The bank stated in the report: “More extreme events are less likely to occur, but they are still reasonable.”
(1 USD = 1.3808 New Zealand dollars)
Reporting by Praveen Menon in Wellington and Melbourne’s Lidia Kelly; Editing by William Mallard