"A Ransomware Attack on a Small Managed IT Provider Disrupts Government Agencies in New Zealand"
A ransomware attack on a small Information Technology (IT) firm that services dozens of public and private enterprises in New Zealand has disrupted several government agencies. According to the Office of the Privacy Commissioner, the attack targeted Mercury IT, a 25-employee corporation that provides IT infrastructure, telecommunications, cybersecurity, technology support, and advisory services from locations in Wellington and Auckland, New Zealand. New Zealand's Ministry of Justice and Ministry of Health (Te Whatu Ora) have been impacted by the cyber intrusion. On November 30, 2022, the IT supplier reported the ransomware attack and recruited an external specialist after discovering unauthorized access to its server environment. New Zealand's National Cyber Security Centre (NCSC), with help from CERT NZ, and the New Zealand Police, took part in the incident response. On December 6, 2022, the Office of the Privacy Commissioner reported that the event was a ransomware attack, and that authorities were working with the IT provider to confirm the extent of the attack. The Ministry of Justice said the ransomware attack prohibited it from accessing 14,500 coronial files related to the transfer of deceased individuals and 4,000 post-mortem exams. The Health Ministry was also unable to access 8,500 bereavement care records and another 5,500 cardiac and hereditary disease registry records in Auckland, Nelson, Tauranga, Wellington, and Waikato. This article continues to discuss the impact on New Zealand government agencies by a ransomware attack faced by Mercury IT.