Accessible News

Top storiesNew ZealandPoliticsBusinessEntertainmentSportsWorld

Potentially hundreds affected in Waikato DHB data dump on dark web

Thursday, 1 July 2021

Waikato DHB chief executive Kevin Snee talks about the data dump onto the dark web in the wake of the cyber attack (video first published on July 1, 2021).

Potentially hundreds of Waikato DHB staff members and patients have been affected in a recent data dump that’s appeared on the dark web.

Waikato DHB chief executive Kevin Snee told the media on Thursday he did not yet know how many people’s information had been compromised.

Stuff learnt on Tuesday morning that documents appearing to be from Waikato DHB had been published on the dark web.

The list of documents suggested it included folders containing patient information as well as information about employees and the DHB’s financial affairs.

“We don’t know how many people have been affected, because at this stage we are working through the data.”

**READ MORE:

The May 18 cyberattack on Waikato DHB crippled its hospitals’ services.
The May 18 cyberattack on Waikato DHB crippled its hospitals’ services.

* Cyber attack: Waikato DHB hopes to have computers running at its hospitals in the next two days

* Cyber attack: Waikato DHB counting ransomware cost but it remains to be tallied

* Waikato DHB attack: cyber criminals in 'game cat and mouse' with victims, IT leader says

**

Snee said this was a different set of data than the first, which was revealed in a screenshot sent by hackers to media in May.

About 165 staff had been contacted from that first data leak.

Waikato DHB executive director hospital and community services Chris Lowry and Waikato DHB chief executive Kevin Snee give an update on the cyberattack.
Waikato DHB executive director hospital and community services Chris Lowry and Waikato DHB chief executive Kevin Snee give an update on the cyberattack.

Snee said there was also a group of folders involving a “couple of hundred” patients from that first incident.

He said the DHB was now working through another set of information from this latest data dump which he learnt about on Tuesday – and which also “potentially” involved hundreds of people.

Snee confirmed staff driver’s licences and passports had been involved in the latest data dump.

The DHB was giving them advice about what steps to take to protect their identity now, Snee said.

Administrative and clinical information, likely to be from the DHB, was also there.

The DHB had not yet started contacting patients involved in this most recent incident – for fear that may cause them mental health harm.

There was a process for assessing the data and communicating the situation to the patients involved.

“We are taking the patients’ wellbeing and making sure whatever information is given in a way that doesn’t do any harm.”

Snee said the DHB was “reasonably confident of the entry point” for the cyberattack, which occurred in the early hours of May 18 and crippled the hospital’s services.

But he denied the DHB was complacent in strengthening its IT systems, and did not answer a question on whether the attack was preventable.

“I would say that’s a subject for the inquiry.

“Any subsequent inquiry would identify lessons learned.”