WELLINGTON (Reuters) – The New Zealand Reserve Bank said on Sunday it was responding urgently to a breach of one of its data systems.
There is illegal access to a third-party sharing service used by the central bank to share and store sensitive information, the bank said in a statement.
Adrian Orr, governor of RBNZ, said the violation was limited, but added that it would take time to understand the full implications of this violation.
“The nature and extent of information that may have been obtained is still being determined, but it may include commercially and personally sensitive information,” Orr said in a statement.
In August, cyber attacks were struck by the operator of New Zealand’s stock exchange. InPhySec, an independent cyber security firm tasked with reviewing the cyberattacks, said the scale, sophistication and persistence of the attacks were unprecedented for New Zealand.
In a report on financial stability in November 2019, the RBNZ warned that the frequency and severity of cyber security incidents in New Zealand were increasing.
In February last year, the bank said in a report that the expected cost of cyber incidents to the banking and insurance industry was between NZD80 million ($ 58 million) and NZD140 million per year.
“More extreme events have a low probability but are still plausible,” the bank said in the report.
($ 1 = 1.3808 New Zealand dollars)
Reporting by Praveen Menon in Wellington and Lidia Kelly in Melbourne; Edited by William Mallard