The Reserve Bank of New Zealand has been hit by a cyberattack which may have compromised commercially and personally sensitive information.

The bank in a statement earlier today said it was responding “with urgency” after a third-party file sharing service it uses to share information with external stakeholders was hit.

It is working to confirm the extent of the information accessed but says sensitive information may have been put at risk.

Its system has been secured and taken offline while the bank conducts its investigations and it is communicating with system users about alternative ways to securely share data,

Governor Adrian Orr said: “We are actively working with domestic and international cyber security experts and other relevant authorities as part of our investigation. This includes the Government Communication Security Bureau’s National Cyber Security Centre which has been notified and is providing guidance and advice.”

“We have been advised by the third party provider that this wasn’t a specific attack on the Reserve Bank, and other users of the file-sharing application were also compromised.”

“We recognise the public interest in this incident however we are not in a position to provide further details at this time.”

Orr stressed the bank’s core functions are sound and the bank is open for business.

Register for free to receive the latest privacy, security and data protection news and analysis straight to your inbox