Fears grow data hacked from Reserve Bank may be leaked by ransomware group | Stuff.co.nz
Fears grow data hacked from Reserve Bank may be leaked by ransomware group
Tom Pullar-Strecker
17:16, Feb 24 2021
Facebook
Twitter
Reddit
Email
Comments4
Play
Unmute
Current Time
0:10
/
Duration
3:47
Fullscreen
RESERVE BANK OF NEW ZEALAND
Reserve Bank governor Adrian Orr apologises for the 'Accellion hack' in January.
A ransomware gang appears to be releasing confidential data obtained from the hack of customers of US software company Accellion, raising fears that New Zealand banks may be next to have data exposed.
The Reserve Bank admitted it had been subject to a serious data breach in January, which occurred when a third-party file-sharing system called Accellion FTA was breached by hackers.
The bank later said it wasn't immediately advised that a patch was available after a vulnerability in the software system was identified by Accellion in December, though it also admitted failings in its own processes.
The software system is believed to have been used by the central bank to receive large files containing confidential information from banks, in its capacity as a regulator of the banking sector.
READ MORE:
* Reserve Bank says it had 'no warning' to avoid a hacking attack
* Reserve Bank statistics go dark for a few weeks due to hack
* Reserve Bank urgently responding to 'illegal breach of data system'
Brett Callow, a threat analyst at cyber security firm Emsisoft, said a ransomware gang known as Clop now appeared to be in possession of data taken from multiple Accellion hack victims, making it quite likely it was also sitting on information stolen from the Reserve Bank.
ADVERTISEMENT
Advertise with Stuff
It was likely that a ransom demand would follow and that banks would have their data published online, assuming the demand was not paid, he believed.
The Reserve Bank is believed to be one of a couple of dozen victims of a hack of filing sharing system Accellion FTA.
ROBERT KITCHIN/STUFF
The Reserve Bank is believed to be one of a couple of dozen victims of a hack of filing sharing system Accellion FTA.
Reserve Bank governor Adrian Orr said it had no comment on that possibility.
The “good news” was that all of the institutions affected by the hack were now well aware of it and were working with the Reserve Bank constructively, he said.
“I don’t want to talk about the ongoing investigations and activities because that would potentially compromise and jeopardise success in that space,” Orr said.
Singaporean telecommunications giant Singtel is another victim of the hack and has admitted having information on 129,000 of its customers stolen.
The Singapore Straits Times reported that some of that material had since been released on the dark web by Clop after Singtel received a “$250,000” ransom demand in Bitcoin, which it is assumed not to have paid.
MORE FROM
TOM PULLAR-STRECKER • SENIOR BUSINESS JOURNALIST
[email protected]
Callow said it was impossible to say whether the Clop group was responsible for the hacks or might be acting on behalf of the actual hackers.
But he believed the latter was probably more likely.
“The Clop group has the infrastructure and expertise to support extortion attempts, which may make them an attractive partner for other cybercriminals,” he said.
Tom Pullar-Strecker
17:16, Feb 24 2021
Comments4
Play
Unmute
Current Time
0:10
/
Duration
3:47
Fullscreen
RESERVE BANK OF NEW ZEALAND
Reserve Bank governor Adrian Orr apologises for the 'Accellion hack' in January.
A ransomware gang appears to be releasing confidential data obtained from the hack of customers of US software company Accellion, raising fears that New Zealand banks may be next to have data exposed.
The Reserve Bank admitted it had been subject to a serious data breach in January, which occurred when a third-party file-sharing system called Accellion FTA was breached by hackers.
The bank later said it wasn't immediately advised that a patch was available after a vulnerability in the software system was identified by Accellion in December, though it also admitted failings in its own processes.
The software system is believed to have been used by the central bank to receive large files containing confidential information from banks, in its capacity as a regulator of the banking sector.
READ MORE:
* Reserve Bank says it had 'no warning' to avoid a hacking attack
* Reserve Bank statistics go dark for a few weeks due to hack
* Reserve Bank urgently responding to 'illegal breach of data system'
Brett Callow, a threat analyst at cyber security firm Emsisoft, said a ransomware gang known as Clop now appeared to be in possession of data taken from multiple Accellion hack victims, making it quite likely it was also sitting on information stolen from the Reserve Bank.
ADVERTISEMENT
Advertise with Stuff
It was likely that a ransom demand would follow and that banks would have their data published online, assuming the demand was not paid, he believed.
The Reserve Bank is believed to be one of a couple of dozen victims of a hack of filing sharing system Accellion FTA.
ROBERT KITCHIN/STUFF
The Reserve Bank is believed to be one of a couple of dozen victims of a hack of filing sharing system Accellion FTA.
Reserve Bank governor Adrian Orr said it had no comment on that possibility.
The “good news” was that all of the institutions affected by the hack were now well aware of it and were working with the Reserve Bank constructively, he said.
“I don’t want to talk about the ongoing investigations and activities because that would potentially compromise and jeopardise success in that space,” Orr said.
Singaporean telecommunications giant Singtel is another victim of the hack and has admitted having information on 129,000 of its customers stolen.
The Singapore Straits Times reported that some of that material had since been released on the dark web by Clop after Singtel received a “$250,000” ransom demand in Bitcoin, which it is assumed not to have paid.
MORE FROM
TOM PULLAR-STRECKER • SENIOR BUSINESS JOURNALIST
[email protected]
Callow said it was impossible to say whether the Clop group was responsible for the hacks or might be acting on behalf of the actual hackers.
But he believed the latter was probably more likely.
“The Clop group has the infrastructure and expertise to support extortion attempts, which may make them an attractive partner for other cybercriminals,” he said.
