The medical and personal information of about 1 million people was exposed after a breach of Tū Ora Compass Health, a primary health organization (PHO) located in New Zealand.

The non-governmental organization (NGO) discovered four intrusions – by what Ministry of Health Director-General of Health Ashley Bloomfield said were two hacktivists and two “more sophisticated actors” – on August 5 after its website was defaced.

The breach “illustrates how third-party healthcare cybersecurity remains a pressing problem throughout the world,” said Elad Shapira, head of research at Panorays, who noted that Tū Ora connected to 60 different general practice teams and other health providers and, like other healthcare companies, collected “some of our most sensitive and confidential data: personal and demographic information, financial statements, health details and insurance policies” that attackers can use for identity theft, insurance fraud, financial gain and blackmail.

Please register to continue.

Already registered? Log in.

Once you register, you'll receive:

  • News analysis

    The context and insight you need to stay abreast of the most important developments in cybersecurity. CISO and practitioner perspectives; strategy and tactics; solutions and innovation; policy and regulation.

  • Archives

    Unlimited access to nearly 20 years of SC Media industry analysis and news-you-can-use.

  • Daily Newswire

    SC Media’s essential morning briefing for cybersecurity professionals.

  • Learning Express

    One-click access to our extensive program of virtual events, with convenient calendar reminders and ability to earn CISSP credits.