Privacy Commissioner Issues Compliance Notice To Reserve Bank Following 2020 Cyber Attack

The Privateness Commissioner has issued a compliance discover to the Te Pūtea Matua (Reserve Financial institution of New Zealand) for breaching the Privateness Act.

The discover comes after a cyber attack on the Bank, which occurred in December 2020. The breach was associated to a third-party file sharing service offered by Accellion.

In accordance with Privateness Commissioner John Edwards, the assault resulted in a ‘important breach’ of RBNZ’s safety methods. The Commissioner additionally pointed to potential weaknesses within the Financial institution's capacity to guard private info.

KPMG performed a overview of the Financial institution’s methods and located a number of non-compliance areas throughout the Privateness Act. Consequently, the Commissioner says the Financial institution breached Precept 5 of the Privateness Act, which states that organisations that maintain private info should have cheap safeguards to guard private privateness.

Consequently, the Privateness Commissioner issued a compliance discover. The discover is a template that the Financial institution should comply with to verify enhancements to its safety methods and related insurance policies and procedures.

Reserve Financial institution Governor Adrian Orr says the Workplace of the Privateness Commissioner (OPC) findings are per KPMG’s overview, and the Financial institution takes full accountability.

“We've an in depth programme of labor underway to handle these. This work began shortly after the information breach incident via our enterprise providers enchancment programme (BSIP) which continues to be a key precedence for us right here at Te Pūtea Matua,” says Orr.

Edwards provides,

 » Read more from channellife.co.nz