Centrix credit bureau have reported that their services were disrupted last week because of New Zealand’s largest known cyber-attack.
Centrix, who are one of the two credit bureaus property managers can use as part of tenancy.co.nz’s TenantCheck service, released a statement saying that some of their data was compromised on Tuesday 14th of September.
“There was a significant “DDoS (Denial of Service)” cyber-attack impacting a number of NZ corporates,” Centrix Customer Experience Specialist Natasha Barker said.
“This cyber-attack has been described as the largest in scale of its kind focusing on New Zealand service providers to date.
“Centrix was not a direct target of the denial-of-service attack however our connectivity service providers were managing enquiry traffic on behalf of some of the targets.
“This resulted in Centrix enquiry traffic throughput being compromised at certain periods during the day.”
A DDoS cyber-attack is designed to flood servers with invalid requests, and from a Centrix perspective, this prevents legitimate enquiry traffic from populating reports because there is not enough bandwidth necessary to connect as usual.
“Our service provider was undertaking all possible measures to manage the attack and provide the necessary bandwidth for legitimate traffic,” Barker said.
“In this type of incident it is not possible to predict the scale or timeline of the attack.
“It became evident due to the scale and on-going length of the attack that Centrix needed to implement our secondary connectivity route whilst connectivity provider continued to manage a resolution strategy.”
Centrix reported that their services returned to normal by the afternoon of Wednesday September 15 and say there was no data loss or data breaches because their communications are encrypted.
Despite the minimal disruption, Centrix would like to apologies to all of their users and say they will be better prepared in the future.
“Whilst this cyber incident was not aimed at Centrix it did result in on-going intermittent connectivity issues for our customers.”
“We apologise for this, and we have used the incident to improve our future responses to similar incidents.
“Thank you for your understanding and we sincerely apologise for any inconvenience”