One million New Zealanders Have Data Compromised in Healthcare Breach

Around one million New Zealanders had their data compromised by a security breach at one of NZ's Primary Health Organisations (PHOs*), Tū Ora Compass Health.

According to a statement released by Tū Ora, the PHO's website was "attacked as part of a global cyber incident" on August 5, at which time the PHO took its server offline and strengthened their IT security, while starting an in-depth investigation.

"The investigation has found previous cyber attacks dating from 2016 to early March 2019," said Tū Ora. "We don’t know the motive behind the attacks (and) have laid a formal complaint with Police ... they are investigating."

Tū Ora holds patient data going back to 2002, from the greater Wellington, Wairarapa and Manawatu regions, an area with a population of around 650,000 people (NZ's population: 4.8 million). Taking into account former patients who have moved away from the area, or are deceased, that number increases to nearly one million.

The affected data included names of those enrolled at medical centres, their National Health Index Number, name, date of birth, ethnicity and address. Other information such as financial details (bank/credit card numbers) and passport, tax and driver license numbers wasn't compromised in the breach.

Tū Ora Chief Executive Martin Hefford apologised for the inciddent and confirmed the PHO has moved its public websites to a new platform and strengthened its security measures by, among others, "enhancing its anti-virus and email scanning software, implementing a Security Incident and Event Management system, as well as a Web Application Firewall, and establishing a Security Operations Centre for real time monitoring and resolution of cyber threats."

The PHO is also moving to a fully secured "Microsoft Azure environment".

*PHOs are funded by district health boards and provide primary health care services to those enrolled with the PHO.

. . .

If you want to stay notified of vulnerabilities that affect you, register for a weekly security report customised to your stack.