Incident Details
Health New Zealand, Te Whatu Ora, has initiated the communication process with approximately 12,000 people affected by the purported unauthorized disclosure of data by a former employee. Barry Young, aged 56, has refuted accusations of wrongful access to a computer system. Margie Apa, the CEO of Health NZ, mentioned that the initial batch being informed includes numerous Covid-19 vaccinators whose personal details were exposed in a downloadable file on a blog based in the United States. Upon discovery, immediate action was taken to request the removal of the information, which was eventually deleted.
Incident
How Did the Breach Happen?
Unapproved data was reportedly disclosed by a former employee of Health New Zealand Te Whatu Ora, leading to a breach. The information was found on a US blog where it could be downloaded.
What Data has been Compromised?
The private details of numerous individuals involved in administering Covid-19 vaccines have been exposed.
Why Did the company's Security Measures Fail?
The security protocols of the company proved ineffective as an ex-employee managed to retrieve and disclose data without proper permission. The method through which the former staff member obtained this access remains unknown.
What Immediate Impact Did the Breach Have on the company?
Health New Zealand Te Whatu Ora initiated notifying approximately 12,000 individuals affected by the breach that exposed their personal data. They promptly requested the removal of the compromised information, which was subsequently taken offline.
How could this have been prevented?
To avoid this unauthorized access, Health New Zealand Te Whatu Ora could have enforced more stringent access restrictions and procedures for their computer systems. Conducting frequent security assessments and providing employee education on data security could have also played a crucial role in preventing this breach.
What have we learned from this data breach?
The recent security incident serves as a reminder of the necessity of having strong security measures and procedures in place to safeguard confidential information. It also underscores the importance of conducting routine security assessments and providing training to employees in order to deter unauthorized data breaches.
Summary of Coverage
Health New Zealand, known as Te Whatu Ora, is informing approximately 12,000 individuals who were affected by an unauthorized data leak caused by a previous employee. The incident compromised the personal data of many Covid-19 vaccination workers. Health NZ has asked for the data to be deleted, and it has since been removed.