- RBNZ stated that its third party file sharing service has been breached by an anonymous hacker.
- The breach might have helped the hacker get sensitive information, and the act of violation has been put under investigation by the bank.
- NZX was faced with a similar cyber-attack in August 2020 where the exchange was put to a trading halt for 4 days straight.
On 10 January, The Reserve Bank of New Zealand (RBNZ) stated in a statement that a third party file sharing facility that is used by the bank and consists of classified data has been hacked.
Adrian Orr, Governor of RBNZ, stated that though the breach had been contained, the bank was dealing with the issue with urgency and the highest priority. The Bank is working with domestic, international security experts, and appropriate authorities to react to the attack.
Mr Orr stated that RBNZ’s main functions remained sound and operational. However, the type and amount of data that has come under the access of hackers is under question and is being determined. The data might have included some sensitive information at commercial and personal levels, as per the bank.
Cybersecurity experts stated that the breach could have been due to the type of data systems that are being used. However, the entity, government, or organisation behind the attack, is hard to identify.
However, some experts are doubting another government to be behind the attack. A more elaborate report from the central bank of New Zealand is awaited by the experts to deduce something about the attack.
NZX was hit by a similar attack in August
The New Zealand stock exchange also faced analogous attacks in August 2020, when trading was also put to a halt for 4 days straight. NZX disclosed that the stock exchange was the target of the distributed denial of service attacks (DDoS), which swamped its website.
The attack was blamed on overseas hackers by NZX. The Exchange stated that it underwent a volumetric DDoS attack through its network service provider, which also affected the connectivity of the NZX network.
DDoS attack is a malicious effort to thwart the normal traffic of a targeted facility or network by overpowering the target or its nearby infrastructure with a wave of Internet traffic. The DDoS attack makes use of several compromised computer systems as resources to infect traffic. It engulfs a system with requests for data.