This article has been indexed from Softpedia News / Security
The Reserve Bank of New Zealand was hacked after Accellion failed to post a warning about an actively exploited vulnerability with available patches in its File Transfer Appliance (FTA), according to Itnews.
While Accellion had updates available for its FTA product in December 2020 and was alerted to the vulnerability by security vendor FireEye as early as the 16th of the same month, the RBNZ was not notified of the issue.
KPMG found in a commissioned post-mortem that Accellion’s email tool failed to send notices and therefore, the bank was not notified until January 6, 2021.
The theft occurred on Christmas Day 2020, and the RBNZ made the data breach public on January 11, stating that it involved comme…
Read the original article: Accellion’s Failure to Warn RBNZ of Security Flaws Led to Hack