www.stuff.co.nz Open in urlscan Pro
2a02:26f0:ea:482::3871  Public Scan

Form analysis
2 forms found in the DOM

GET /searchresults

<form action="/searchresults" method="get"><input type="search" name="q" placeholder="Search" aria-label="search"><label><input type="submit"><svg xmlns="http://www.w3.org/2000/svg" viewBox="0 0 30.239 30.239">
      <path
        d="M20.194 3.46c-4.613-4.613-12.121-4.613-16.734 0-4.612 4.614-4.612 12.121 0 16.735 4.108 4.107 10.506 4.547 15.116 1.34.097.459.319.897.676 1.254l6.718 6.718a2.498 2.498 0 003.535 0 2.496 2.496 0 000-3.535l-6.718-6.72a2.5 2.5 0 00-1.253-.674c3.209-4.611 2.769-11.008-1.34-15.118zm-2.121 14.614c-3.444 3.444-9.049 3.444-12.492 0-3.442-3.444-3.442-9.048 0-12.492 3.443-3.443 9.048-3.443 12.492 0 3.444 3.444 3.444 9.048 0 12.492z">
      </path>
    </svg></label></form>

<form class="sj-search-form">
  <div id="sj-search-bar"> <span id="sj-icon-search"></span> <input data-sj-search-query="" type="search" placeholder="search this site"> <button data-sj-search-query-go="" type="submit" class="sj-search-go blue">Search</button> </div>
</form>

Text Content

 * NEWS

 * National
 * World
 * Climate Change
 * Politics
 * Business
 * prosper
 * Farming
 * Technology
 * Sport
 * Rugby

 * VOICES & IN DEPTH

 * perspectives
 * Pou Tiaki
 * Spotlight
 * Stuff Nation
 * Cartoons
 * KEA Kids News
 * Podcasts

 * LIVING

 * Travel
 * Homed
 * LifeStyle
 * Entertainment
 * Complex
 * Motoring
 * Food & Wine
 * Oddstuff

 * REGIONS

 * northland
 * Auckland
 * Waikato
 * Bay of Plenty
 * Taranaki
 * hawke's bay
 * manawatu
 * wellington
 * nelson
 * marlborough
 * canterbury
 * south canterbury
 * otago
 * southland

 * MORE

 * Weather
 * Quizzes
 * Puzzles
 * Newsletters

 * ABOUT STUFF

 * contribute
 * Advertising
 * Careers
 * Privacy
 * Contact

 * STUFF FAMILY

 * stuff ads
 * Play Stuff
 * neighbourly
 * mags4gifts
 * Ensemble
 * stuff events
 * stuff coupons


 1. Business

Log in






RANSOMWARE ATTACK: WAIKATO DHB SUPPORTING PATIENTS AFTER DOCUMENTS DUMPED ONLINE

Tom Pullar-Strecker17:08, Jun 29 2021
 * Facebook
 * Twitter
 * WhatsApp
 * Reddit
 * Email

LIBBY WILSON/Stuff
Waikato DHB is not yet back to normal after May cyberattack, Health Minister
says.

Waikato District Health Board is contacting patients whose personal information
has now been dumped online following a ransomware attack in May, Health Minister
Andrew Little says.

Little promised “a full, independent inquiry” into what appears to be the
country’s most serious cyberattack, during an emergency debate in Parliament.

Stuff learnt on Tuesday morning that documents appearing to be from Waikato DHB
had been published on the dark web.

The list of documents suggested it included folders containing patient
information as well as information about employees and the DHB’s financial
affairs. Stuff has not accessed the data to verify the contents.




READ MORE:
* Waikato DHB hack escalates to national crisis, top-level officials to meet in
Wellington
* Waikato DHB scrambles to contain cyber attack, safety of patient data unclear
* NZ firm helps Irish health service recover from ransomware attack
* DHB attackers likely to threaten to release patient health records, says
expert


Brett Callow, a threat consultant with Nelson-based cybersecurity firm Emsisoft,
said the information appeared to have been dumped by an organisation called Vice
Society that may also have been known as HelloKitty.

Little confirmed the document dump.

More from
Tom Pullar-Strecker • Senior business journalist

tom.pullar-strecker@stuff.co.nz

“I want to acknowledge the patients and staff whose information was held by the
Waikato DHB who have now had that information compromised,” he told Parliament.

Waikato DHB had a system in place to contact patients to let them know the
nature and extent of information about them that had been compromised, he said.

The DHB was working with victims to provide them with necessary support, he
said.

“In addition, people, are entitled to go to the Office of the Privacy
Commissioner and exercise their rights under the Privacy Act.”

Little said cyberattacks were “the reality of the world”, noting Ireland’s
health service had also suffered a huge ransomware attack days before Waikato
DHB discovered it had been attacked.


supplied
A partial list of the Waikato DHB document dump.

The DHB was still recovering from the May attack, he said.

Many systems are back online but there was “no question it is not back to normal
yet”, he said.

A source suggested Waikato DHB had an unusually high proportion of software
systems awaiting critical software patches, that could potentially have made it
more vulnerable to an attack.

The DHB has been approached for comment.

Little promised an inquiry once the DHB had recovered.

“There will be – because there has to be – an appropriate independent inquiry
into the state of the system before the ransomware attack and the quality of the
response to it,” he said.

“Only at that point will we have an understanding about the extent to which that
system was vulnerable, or whether it was a DHB that had done everything expected
of it,” he said.

Little previously made clear that the DHB would not pay a ransom to the
criminals who hacked it.


ROBERT KITCHIN/Stuff
Health Minister Andrew Little has promised a full and thorough independent
inquiry, down the track.

National Party communications spokeswoman Melissa Lee voiced strong support for
that stance.

“I applaud the Government for not bowing down,” she said.

But Lee questioned whether it had sufficiently funded cybersecurity given how
common attacks had become.

“Why did this Government not boost cybersecurity resilience through its Budget
process?” she said.

Australia had done that with an A$1.6 billion (NZ$1.7b) budget boost this year,
she said.

Callow said the threat of releasing the data was used as additional leverage to
force payment.

“Organisations in this situation are without good options,” he said. “They’ve
had a data breach and, whether they pay or not, that cannot be undone.”

Emsisoft had no insight on who may have created HelloKitty ransomware or where
they might be based, he said.

“The ransomware is likely sold as a source code kit, and so may be being used in
a rebranded form by multiple threat actors.”

The software had no cryptographic vulnerabilities, he said.

“Consequently, the only way to recover encrypted files is to restore them from
backups or pay the demand.”

Callow is among a growing number of cybersecurity professionals who have called
for governments to ban the payment or facilitation of cybersecurity ransoms to
try to make attacks less profitable, and has described the current state of
affairs as a “feeding frenzy” for criminals.

Your dollars for our sense

From the state of the economy and issues that matter to corporate NZ, to the
cost of living and rollercoaster ride of getting a mortgage, Stuff's business
team crafts smart, crucial coverage for you every single day.

We know that Kiwi businesses and consumers need good intel to thrive, so our
reporters are working right now to bring you more stories like the one you've
just read.

If you're likely to read them, please make a contribution to support our work.

Support Stuff’s journalism today


 * Facebook
 * Twitter
 * WhatsApp
 * Reddit
 * Email






MOST POPULAR

 * Tributes flow after Sky Sport rugby commentator Willie Los'e dies, aged 55
 * 'Extremely dangerous' shooting suspect with facial tattoo allowed on plane
 * 'Monstrosity' seawall on Auckland property left trail of damage, neighbours
   say
 * Live: Black Caps vs Australia, second Chappell-Hadlee ODI
 * Covid-19: Jacinda Ardern set to skip green, head straight to near normality
 * Quiz: Afternoon trivia challenge: September 8, 2022
 * Study identifies which big cities will swelter worst in heatwaves
 * Second suspect in Canada stabbing rampage dies after arrest
 * More than 1000 protest against sentence for rapist
 * Ex-Christchurch man on FBI's most wanted list over pornography scandal
   involving at least 20 women





NeighbourlyTravel BookingsPlay StuffStuff CouponsWildCleanFamily NoticesStuff
EventsAdvertisingCareersPrivacy PolicyCookies PolicyTerms & ConditionsEditorial
CodeContact Us

BREAKING NEWS?

Send your photos, videos and tip-offs to
newstips@stuff.co.nz, or call us on 0800 697 8833
FacebookTwitterSnapchatShielded Site

© 2022 Stuff Limited

×
Search