(25 page PDF author Prof Stuart E Madnick Ph.D December 2023). The Continued Threat to Personal Data. Key Factors Behind the 2023 Increase. (December 2023) Over 2.6 billion personal records were breached in 2021 and 2022 (1.1 billion in 2021 and 1.5 billion in 2022).  * The number of data breaches more than tripled between 2013 and 2022.2    * According to a 2023 report, over 80% of data breaches involved data stored in the cloud.   * In the first three quarters of 2023, the number of ransomware attacks increased by almost 70% compared to the first three quarters of 2022.  * 98% of organizations have a relationship with a vendor that experienced a data breach within the last two years  * In the first eight months of 2023 alone, over 360 million people were victims of corporate and institutional data breaches.   * In the first three quarters of 2023, one in four people in the US had their health data exposed in a data breach

RNZ Reported 3^rd June 2021 The number of cyber security incidents reported in New Zealand has risen 25% since this time last year (2020-2021). Government agency CERT NZ’s quarterly report shows there have been 1431 cyber security incidents in the first quarter of this year. The financial loss due to cyber attacks is 7%. Almost a ¼ of the breaches resulted in financial loss totaling $3 Million. Six cases involved in the loss of $100,000 or more. 278 incidents were referred to the police, an increase of 46% compared with the previous quarter

 

Ministry of Justice chief operating officer Carl Crafar said at this stage, it’s believed the incident affected access to approximately 14,500 coronial files relating to the transportation of deceased people, and approximately 4000 post-mortem reports. Stuff NZ reported 5^th October 2019 ‘Up to 1 million NZ patients data has been breached in a criminal cyber hack. Tu Ora Compass Health CEO Martin Hefforf confirmed this, that medical data could be in criminal hands after cyber attacks dating back years.  Wellington, Kapiti and Wairarapa Primary Health Organization (PHO) Tu Pra Compass Health confirmed anyone enrolled in a medical centre in the region between 2002- 2019 could be affected.

The extent of the patient files that were accessed was impossible to ascertain. PHO’s held individual data such as medical centre enrolment information including names, addressed, ethnicities, ages. It also held data that could be linked to individual patients advised on stopping smoking and alcohol related intake issues. Some information relating to children that were due for their immunizations, also those that were having diabetes checks, flu jabs, women recalled for cervical screening and people due for heart and diabetes checks. Also mental health counselling service information on patients. The current population area covered was about 648,00, but information goes back to 2001- until 2019. Therefore this could be personal information on living and dead people as well.

A newly-released report into last year’s cyber attack of the Waikato District Health Board said Te Whatu Ora needs to “think like a hacker” when building its security softwares. The ransomware attack last May brought the DHB’s hospitals and services to a halt for days, as it tried to restore its IT systems.

 

RNZ reported 4^th July 2020 ‘Details of active COVID 19 cases leaked in privacy breach. Stating there has been a massive privacy breach, with the leak of personal details revealing the identity of New Zealand’s 18 active Covid cases. RNZ has seen a document that includes the full names, addresses, age and the names of the hotel and one hospital the 18 have been quarantining in. Newshub reported 6/12/2022 Thousands of corona’s files, post mortem reports caught up in ministry of Justice hack. National Cyber Security, Ministry of Health, also police found evidence of cyber hacks going back to 2016. It was said that they will never know if individual patient has been accessed, it is likely they would never know , it was said. It was unclear who was behind the attacks, where they originated from, for what purpose, though one theory was ‘harvesting information for the purpose of identity theft’

Te Whatu Ora reported on their website there had been a cyber security incident affecting an IT service provider that has impacted Access to Te Whatu Ora data relating to bereavement and carias services. I tapped on the link and this text came up.. Sorry we cant find this page you are looking for (No surprises here)