ZCZC
BFF-16
NZEALAND-BANK-INTERNET-HACKING
N.Zealand central bank boss apologises over cyber-attack
WELLINGTON, Jan 15, 2021 (BSS/AFP) – New Zealand’s central bank chief
apologised Friday for failings that allowed a “significant” and “malicious”
cyber-attack to occur, and ordered an independent investigation.
The Reserve Bank of New Zealand revealed the breach on Sunday, saying a
third-party file-sharing service that stored sensitive information had been
illegally accessed.
Few details have been released since, aside from the bank saying the
application at the centre of the breach was provided by US-based firm
Accellion.
Governor Adrian Orr confirmed on Friday that the data breach was
significant but had been contained and the bank was operating normally, as
were New Zealand’s financial institutions.
“We apologise unreservedly to all of those impacted by the breach.
Personally, I own this issue and I am disappointed and sorry,” he said in a
statement.
“While a malicious third party has committed the crime, and we believe
service provisions have fallen short of our agreement, the bank has also
fallen short of the standards expected by our stakeholders.”
Orr acknowledged “there are serious questions that need to be answered
about how this incident occurred”.
“In addition to the forensic cyber investigation currently underway, we
have appointed an independent third party to undertake a comprehensive
general review of this incident,” he said.
Orr pledged to be as transparent as possible but said providing further
details at the moment could adversely affect the probe.
In its latest report, the government agency CERT (Computer Emergency
Response Team) said cyber attacks had increased 33 percent on-year in New
Zealand.
The country’s stock exchange was targeted by sustained DDoS (distributed
denial of service) attacks in August, forcing trading to be halted on four
consecutive days.
BSS/AFP/GMR/1108 hrs