Jeremy Brake said:
Well.. actually.. Kiwibank's internet banking seems to often be down during the afternoon (*mumble*). Are you guys sure they took it down specifically for that? or was it just (an annoying) coincidence? Then again, the fact that its down at all, regardless of the reason is pretty lame. Someone should take to the admins with a mallet or something.
No, they took it down on purpose. The NBR has published a very detailed article on the event. From http://www.nbr.co.nz/home/column_article.asp?id=13760&cid=3&cname=Technology [url may wrap] : "This afternoon it became apparent about five customers may have followed the instructions from the scam and compromised their bank account details "Kiwibank is working directly with those known to have been affected and this afternoon shut down its Internet bank transaction site as a precaution. and you've really got to wonder why. The phishers could surely save the passwords and use them when the site comes up, so the bank annoyed their customers and has potentially given people the impression that the phishers/hackers had managed to take the site down. Maybe temporarily blocking access from international IP addresses would have been a better solution. -- Kerry Thompson, CCNA CISSP http://www.crypt.gen.nz