NZ Hacked 8 October 2019. New Zealand’s Tū Ora Compass Health data breach exposes medical data of one million New Zealand residents.

The health organization has admitted its failure in safeguarding user data.

Organisation Statement: Public message from Tū Ora Compass Health
Source: Tū Ora Compass Health data breach exposes medical data of one million people

On October 5, the PHO said its website was defaced during a cyber incident that occurred in August. The public compromise of the website led to an investigation into Compass Health’s overall IT systems and security posture, leading to the discovery of cyberattacks dating back from 2016 to March 2019.

The organization says it holds data including who is registered at what medical center, National Health Index Numbers, names, dates of birth, ethnicity, and addresses.

PHOs collect and analyze primary health data on long-term conditions, demographics, immunization records, diabetes checks, cervical screening logs, and flu shot records for those over 65 years of age.

“We also hold some organizational financial data for the practices and other health care providers that we work with e.g. invoices and account details, that enable us to pay for services delivered,” the PHO added.