A third-party file sharing service used by the Reserve Bank of New Zealand – Te Pūtea Matua to share and store some sensitive information, has been illegally accessed. Governor Adrian Orr stated that the breach has been contained, but that it would take time to determine the impact.
“We are actively working with domestic and international cyber security experts and other relevant authorities as part of our investigation,” said Orr. “This includes the GCSB’s National Cyber Security Centre which has been notified and is providing guidance and advice. We have been advised by the third party provider that this wasn’t a specific attack on the Reserve Bank, and other users of the file sharing application were also compromised.”
The bank is working to understand the nature and extent of information that has been potentially accessed. However, it warns that it may include some commercially and personally sensitive information. The bank reports that the breached system has been secured and taken offline and that it is working with system users whose information may have been accessed.
“Our core functions and New Zealand’s financial system remain sound, and Te Pūtea Matua is open for business. This includes our markets operations and management of the cash and payments systems,” concluded Orr.