New Zealand central bank postpones statistics releases after cyber hack

·2 min read
FILE PHOTO: Pedestrians walk near the main entrance to the Reserve Bank of New Zealand located in central Wellington, New Zealand

WELLINGTON (Reuters) - New Zealand's central bank said on Friday that it will postpone publication of most of its statistical data releases for a number of weeks while it investigates a cyber attack that led to a serious breach of its data systems.

The breach was announced earlier this month and the Reserve Bank of New Zealand (RBNZ) said a file sharing service provided by California-based Accellion was illegally accessed.

Statistics on bank customer lending, credit card balances and spending, new mortgage commitments, bank liquidity, non-bank lending institutions, and retail interest rates would be delayed, the bank said.

"RBNZ will be postponing publication of most statistical releases. We will provide an updated release calendar when we can, but we expect delays of 3-4 weeks to most publications," RBNZ said in an email.

The bank said delays to publication were necessary because the hacked file transfer software application, Accellion FTA, was used for transferring data from regulated entities into RBNZ systems.

"The RBNZ will not be collecting data from these entities for statistical production until a new secure file transfer system is implemented," RBNZ said.

The bank said no data has been lost and no publications will be cancelled, and it expect the new system to become available in February.

Publications scheduled for February and March would also be affected, including the December 2020 quarter Bank Financial Strength Dashboard.

"It's clear the data affected was shared by banks and other institutions," said Dave Parry, Professor of Computer Science at Auckland University of Technology.

"There is possibly a loss of trust among these institutions that their data will be secure, until it's been proven that it will be secure."

RBNZ had said earlier in the day that the data breach investigation had significantly progressed and it was able to tell stakeholders which of their files were downloaded illegally.

(Reporting by Praveen Menon; Editing by Jacqueline Wong and Kenneth Maxwell)