Ransomware Attack in New Zealand Has Cascading EffectsGovernment Agencies and Private Sector Affected by Attack on IT Services Provider
A ransomware attack on a New Zealand third-party managed IT service provider affected several government agencies across the country - including the Ministry of Justice and the national health authority.
See Also: M-Trends 2023 Report
The Office of the Privacy Commissioner said "urgent work" is underway to understand the full impact of the incident. The third-party provider is Mercury IT, whose LinkedIn page describes it as a small business based in Wellington. It provides a wide range of IT services to customers throughout New Zealand, according to a one-page website on the company domain.
News of the incident began filtering to the public after Wellington-based private health insurer Accuro informed customers on Thursday of an incident at a third-party provider that may have affected the personal data of its 34,000 customers (see: New Zealand Health Insurer Investigates IT Provider Hack).
A spokesperson for the Office of the Privacy Commissioner told Information Security Media Group that Mercury IT is the constant behind this spate of service outages.
Government health services are running normally but clinicians in some areas of the country cannot access a registry of inherited cardiac diseases or bereavement care services. Approximately 8,500 bereavement records and 5,500 records on the cardiac disease register are unavailable.
Six other health regulatory authorities whose services are hosted by Mercury IT have also been affected. They include the Optometrists and Dispensing Opticians Board of New Zealand, the Chiropractic Board, the Podiatrists Board, the New Zealand Psychologists Board, the Dietitians Board, and the Physiotherapy Board of New Zealand.
The Ministry of Justice says the incident appears to have affected access to approximately 14,500 records relating to the transportation of deceased people and approximately 4,000 postmortem reports.
The New Zealand Herald reported that some private sector organizations may also be affected - including Business NZ, a lobbying organization. The organization's online domain currently displays a one-page website stating that it is "currently under maintenance."