Scoop has an Ethical Paywall
Licence needed for work use Learn More

Local Govt | National News Video | Parliament Headlines | Politics Headlines | Search

 

Privacy Commissioner Considers Action On Ransomware Attack

There has been a cyber security incident involving a ransomware attack on Mercury IT. Mercury IT provides a wide range of IT services to customers across New Zealand.

This is an evolving situation. We were notified of the cyber security attack on 30 November 2022. Urgent work is underway to understand the number of organisations affected, the nature of the information involved and the extent to which any information has been copied out of the system. The Office of the Privacy Commissioner is planning on opening a compliance investigation into this incident so that it can make full use of its information gathering powers. We encourage any clients of Mercury IT who have been impacted by this incident and who have not already been in touch with us to contact the Office of the Privacy Commissioner.

Unfortunately cyber security breaches are becoming a regular occurrence. While work is underway to understand and respond to this particular incident we have some key messages for individuals, organisations and members of the public in general.

It is important that people who receive or find information related to this, or any other cyberattack, do the right thing. Do not spread it. Do not share it. Report it to the New Zealand Police. No one should contribute to its widespread dissemination. Spreading this information or profiteering from it causes anxiety and distress to victims.

For individuals - be on the lookout for anything out of the ordinary. Watch out for suspicious texts, emails or unusual things happening with your accounts or records. Be particularly cautious of contact from an unknown source.

Advertisement - scroll to continue reading

If people would like to know more about some steps they could take to protect themselves from privacy breaches they could follow this link: https://privacy.org.nz/resources-2/protecting-yourself-from-a-privacy-breach/

For organisations who hold the personal data of New Zealanders. You have a responsibility under the Privacy Act to take all reasonable steps to ensure that information you hold in trust is safe from cyber-security breaches. This includes where services are contracted from a third party. A failure to take these steps is a breach of the Privacy Act and can result in compliance and enforcement action. This can include the requirement to “put things right” – for the impacted individuals and in terms of information security systems and processes. There is no room for any organisation to be complacent. Trust is hard won and easily lost.

© Scoop Media

Advertisement - scroll to continue reading
 
 
 
Parliament Headlines | Politics Headlines | Regional Headlines

 
 
 
 
 
 
 

LATEST HEADLINES

  • PARLIAMENT
  • POLITICS
  • REGIONAL
 
 

Featured News Channels


 
 
 
 

Join Our Free Newsletter

Subscribe to Scoop’s 'The Catch Up' our free weekly newsletter sent to your inbox every Monday with stories from across our network.