Accellion hack behind Reserve Bank of NZ data breach – Security

RBNZ governor Adrian Orr. The Reserve Bank of New Zealand, which yesterday disclosed it had suffered a data breach, now says it was caught up in a hack of enterprise data protection provider Accellion. Accellion’s file transfer appliance (FTA) was accessed illegally, RBNZ said in a statement. “We have been […]

Accellion hack behind Reserve Bank of NZ data breach


RBNZ governor Adrian Orr.

The Reserve Bank of New Zealand, which yesterday disclosed it had suffered a data breach, now says it was caught up in a hack of enterprise data protection provider Accellion.

Accellion’s file transfer appliance (FTA) was accessed illegally, RBNZ said in a statement.

“We have been advised by the third party provider that this wasn’t a specific attack on the Reserve Bank, and other users of the file sharing application were also compromised,” RBNZ governer Adrian Orr said.

The FTA system, which was used to store and share sensitive information, has been secured and taken offline, RBNZ said. 

RBNZ said the compromised data may include some commercially and personally sensitive information.

The bank would not provide any further details such as how and when the data breach took place, claiming doing so could adversely impact its investigation and the steps taken to mitigate the breach.

Accellion told iTnews that it was made aware of a vulnerability in its “legacy FTA software” in mid-December last year.

The vulnerability was resolved and a patch released for FTA within 72 hours, a spokesperson for the vendor said, adding that “less than 50 customers [were] affected.”

Accellion said the FTA is a 20-year-old product for large file transfers. 

“While Accellion maintains tight security standards for its legacy FTA product, we strongly encourage our customers to update to kiteworks, the modern enterprise content firewall platform, for the highest level of security and confidence,” the spokesperson said.

With the FTA now offline, RBNZ is working with users of the system to find alternative ways to securely share data.

Other systems were not impacted by the data breach, RBNZ said.

“Our core functions and New Zealand’s financial system remain sound, and Te Pūtea Matua [RBNZ] is open for business. This includes our markets operations and management of the cash and payments systems,” Orr said.

Rosa G. Rose

Next Post

Apa Itu SEO? Pengertian, Konsep Dasar, Dan Manfaatnya

Wed Jan 13 , 2021
Enhance and monitor your website’s search engine rankings with our supercharged SEO tools. By signing up, you agree to our phrases and privateness policy You agree that we can contact you about Udemy and use knowledge from third events to personalize your experience. This is vital for desktop but mobile […]