15 Sep
2021
15 Sep
'21
11:41 a.m.
On Mon, 11 Jan 2021 18:20:07 +1300, I wrote:
Seems hackers broke into a secure file-sharing service called Accellion, based in California. The RBNZ was using that to exchange documents with the likes of banks and insurance companies.
Followup: the RBNZ has been hit with a compliance notice from the Privacy Commissioner under Principle 5 of the Privacy Act <https://www.nzherald.co.nz/business/reserve-bank-hit-with-compliance-notice-from-privacy-commissioner-over-data-breach/GSMMPOPR2SCWIIYFFPR36OGAEU/>. In other words, it has failed to ensure reasonable safeguards against “loss, misuse or disclosure of personal information”. Failure to comply can mean a $10,000 fine.