An investigation is underway into a cyber-security attack that could implicate Wairarapa coronial data.
The Ministry of Justice [MOJ] confirmed a recent cyber attack did not target its systems directly.
However, the company affected by the breach provided
IT services to a third-party provider the Ministry had contracts with.
MOJ said it was working with suppliers and other government agencies, including the National Cyber Security Centre Office of the Privacy Commissioner, and the police to understand the extent of the issue.
The chief coroner has been informed.
MOJ chief operating officer Carl Crafar said the incident had affected access to approximately 14,500 coronial files relating to the transportation of deceased people and approximately 4000 post-mortem reports, from November 2018 through to November 2022.
The post-mortem data related to files from Northland, Waikato, Bay of Plenty, Taranaki, Wellington, Horowhenua-Kapiti, Nelson-Marlborough, Otago and Southland from March 2020 to November 2022.
The Ministry confirmed cases from Wairarapa were included in the Wellington files.
“Therefore, cases from the Wairarapa region that required coronial transport and a post-mortem are impacted by the cyber-security incident.”
Crafar said while the incident had blocked access to the data, there was no evidence at this stage that the data had been taken.
However, MOJ said it could not rule out the possibility, and the incident was being investigated thoroughly by cybersecurity experts.
“We acknowledge that this incident has affected information that is sensitive. We will continue working to understand the extent of the incident.
“We are conscious that so-called malicious actors behind such activity can monitor public commentary on incidents of this nature, so will not be providing more detailed information on our responses at this time.”
