New Zealand Reserve Bank breached using bug patched on Xmas Eve

A recent data breach at the Reserve Bank of New Zealand, known as Te Pūtea Matua, was caused by attackers exploiting a critical vulnerability patched the same day.

Over the weekend, the Reserve Bank disclosed that they suffered a data breach after an attacker hacked a third-party file sharing service containing sensitive data.

In a new advisory released yesterday, the Bank states that the attackers breached their Accellion FTA file sharing service.

“A third party file sharing service provided by Accellion called FTA (File Transfer Application), used by the Bank to share and store some sensitive information, was illegally accessed.”

Read more…
Source: Bleeping Computer