An unidentified hacker has potentially stolen commercially and personally sensitive information. The security breach is the latest to hit New Zealand in recent months.
New Zealand's central bank said on Sunday that it was responding with urgency to a "malicious" breach of one of its data systems.
The Reserve Bank of New Zealand (RBNZ) said a third-party file-sharing service used by the bank to share and store some sensitive information was illegally accessed.
RBNZ Governor Adrian Orr said the breach has been contained and that the bank's main functions "remain sound and operational."
"We are working closely with domestic and international cybersecurity experts and other relevant authorities as part of our investigation and response to this malicious attack," Orr said in a statement.
"The nature and extent of information that has been potentially accessed is still being determined, but it may include some commercially and personally sensitive information," he added.
Cyber attacks on the rise
It's unclear when the breach took place, who was responsible and in what country the file sharing service is based. It would take time to understand the full implications of the breach, the bank said.
In a November 2019 Financial Stability report, the RBNZ warned that cybersecurity incidents were on the rise in New Zealand.
Several major organizations in New Zealand have been the target of cyberattacks in the past year. Last August, the New Zealand Stock Exchange had been targeted by sustained DDoS (distributed denial of service) attacks, halting trade for four consecutive days.
In its latest report, the government agency CERT (Computer Emergency Response Team) said cyber attacks in the country had increased 33% year-on-year.