The health data belonging to nearly one million New Zealanders has been accessed illegally after a cyber attack on Tū Ora Compass Health's website.
The website was hacked in August 2019, but investigations into the incident have found previous attacks dating as far back as 2016 to March 2019.
Neither the firm nor New Zealand's Ministry of Health has been able to determine whether these attacks resulted in any medical information being accessed.
The company collects and analyzes data from medical centers from patients in the greater Wellington, Wairarapa, and Manawatu regions dating all the way back to the early 2000s.
The health ministry claimed that the data does not include notes made on consultations patients have had with general practitioners, but does include other kinds of information such as enrollment information at medical centers, patients' National Health Index Number, full names, dates of birth, ethnicity, and addresses.
In a limited number of cases, Tū Ora stored information on patients' smoking status and information on patients managing chronic conditions like diabetes.
Martin Hefford, CEO of Tū Ora, said in a statement, "While this was illegal and the work of cybercriminals, it was our responsibility to keep people's data safe and we've failed to do that."
Health data and medical records belonging to millions of Americans were also recently found available online and unprotected from abuse by anyone with basic computer skills. This discovery came from Greenbone Networks, a German security provider that identified security issues across 52 different countries. NNT is the sole North American reseller of Greenbone, to learn more, visit our website.