Competenz Confirms Cyber Attack On IT Systems

In June 2024, training organisation Competenz experienced a cyber-attack, resulting in unauthorised access to its IT system and data theft.

Competenz immediately notified its learners and other stakeholders and informed relevant authorities.

The attack resulted in cybercriminals extracting a range of data, including personal information of some of the organisation’s past and present learners, past and present employers, assessors, staff, and business partners.

Competenz is sincerely sorry to anybody affected and recognises the impact of the theft of this personal information. The training organisation would like to take this opportunity to explain what has happened to those they have been unable to contact.

What personal information is involved?

The types of personal information stolen include names, contact details, dates of birth, copies of identity documents such as passports, birth certificates, driver's licenses, citizenship, residence, and visas, other information regarding students and employees, and financial information, including cards and bank account numbers.

What steps has Competenz taken?

Competenz isolated the affected systems as soon as the attack was discovered. The training organisation moved to ensure its IT environment and systems were operational as quickly as possible to minimise impact on its learners, employers and stakeholders.  It has also put in place systems to enhance cyber security resilience.

Since the June incident, Competenz has issued updates about the breach to its learners and stakeholders, keeping them informed of the investigations and providing information about taking precautions to protect personal details.  This has included directly contacting known impacted individuals and providing support and advice as required. 

Details of the attack have been posted on the Competenz website.  

Notification to those affected

The Competenz team has been attempting to individually notify those past and present learners, past and present employees, and stakeholders whose information is believed to have been compromised.  

If you or someone you know may have been affected, please take these steps to protect your information. First, contact Competenz by visiting https://www.competenz.org.nz/updates/cyber-incident and completing the form at the bottom of the webpage. Competenz will respond with relevant information as soon as possible.

Affected individuals wanting to contact Competenz regarding the privacy breach should email cyberinfo@competenz.org.nz.

Competenz recommends the following steps to safeguard personal information:

• For steps to take regarding driver's licences and passports, refer to the Department of Internal Affairs’ online checklist: Identity theft online checklist.
• Stay alert: Watch for any suspicious communications or phishing attempts.
• Monitor accounts: Regularly check your financial and online accounts for unauthorised activities.
• Check your credit record: Check your credit record to confirm if your identity has been used to obtain credit without your knowledge. Please click here for further information on this topic.
• Update security: Change passwords and enable two-factor authentication where possible.

Visit the Competenz website for ongoing updates and information. If you have any inquiries regarding this breach, please direct them to cyberinfo@competenz.org.nz.

Affected individuals have the right to make a complaint to us or the Office of the Privacy Commissioner.

© Scoop Media