The Ministry of Health, New Zealand had no idea about a cyber attack incident for three years. But in this case what is more concerning and threatening is that this hack placed in jeopardy the medical details of a million people.
The hacking incident came under the radar during checks carried out after a hacktavist attack which vandalized a website. Later when the National Cyber Security Centre (NCSC) conducted an investigation, they found other intrusions, including one in 2016.
The investigation revealed that a sophisticated cyber attack, that occurred three years ago exposed people's personal data back to 2002.
As reported by The New Zealand Herald, cyber attackers targeted Tū Ora Compass Health, which provides data services to Think Hauora and patient services to Cosine, Te Awakairangi Health Network and Ora Toa. It should be mentioned that the group cover about 648,000 people in the areas.
An analysis by the Government Communications Security Bureau's (GCSB) NCSC revealed that Tu Ora Compass Health had been targeted four times by malicious cyber activities, involving the exploitation of publically known web server vulnerabilities and two of them dated back to 2016.
The GCSB Director-General Andrew Hampton said that one of the 2016 attacks came from "sophisticated cyber actors" and those incidents indicates that patient's information was accessible to the hackers.
In addition, he said, "We believe it is likely that data was accessed or taken."
As per the Director-General of Health Dr Ashley Bloomfield the NCSC had been working with the respective authorities on the hack after its discovery in early August. He also mentioned that the information they received in mid-September aims towards new discoveries of vulnerabilities and the process is currently ongoing.
The review uncovered four hacks. While two of these attacks carried out by cyber "hacktavists" such as Vanda The God, rest were conducted by more "sophisticated" attackers.
National Party health spokesman Michael Woodhouse said Minister of Health David Clark said "This cybersecurity breach may have seen information about the mental health, sexual health and other private enrolment information of several thousand past and present patients of practices with Tū Ora Compass PHO accessed and in criminal hands. This is an extremely serious and concerning the breach."
