Numerous government departments and the public believe to be bodies to have overcome hardship by a ransomware attack on Mercury IT, a popular managed service provider (MSP) in New Zealand.
The upstream target of the ransomware assault, according to New Zealand’s privacy commissioner, was Mercury IT, which “provides a wide range of IT services to customers throughout New Zealand,” on Tuesday morning.
According to its LinkedIn profile, Mercury IT is a small company with 25 employees that offers support, telecom, and infrastructure services to other businesses.
“Urgent work is underway to identify the number of organizations affected, the nature. The information involved and the extent to which any information has been copied out of the system.” The data protection authority stated, adding that it was informed of the “developing situation” on November 30.
In order to “make full use of its information-gathering powers,” the regulator said it would launch a compliance investigation into the incident. It also urged “any clients of Mercury IT the susceptible parties by this incident and who have not already been in touch with us to contact the Office of the Privacy Commissioner.”
The attack, according to a statement from the Ministry of Justice, is blocking it from accessing approximately 4,000 post-mortem examinations from March 2020 to November and 14,500 data related to the transfer of deceased people’s remains.
“We are concerned that so-called hostile actors behind such activities can watch public opinion. In instances of this sort and thus will not be given more extensive information. On our responses at this time,” said the company’s chief operating officer Carl Crafar.
Te Whatu Ora, the nation’s health ministry, said in a statement that access to information on cardiac and bereavement help is more difficult. It said that 5,500 records from the heart and hereditary disease registry and nearly 8,500 documents related to grief care services were unavailable.
The ministry stated that although the aforementioned records are temporarily inaccessible there is currently no proof that they have been downloaded or accessed without authorization.
“We want to reassure the public that there has been no disruption in the provision of health services. That all Te Whatu Ora health services are still operating properly.
The New Zealand Physiotherapy Board, the New Zealand Dietitians Board, the Chiropractic Board, and the Podiatrists Board. The New Zealand Psychologists Board, and the Optometrists and Dispensing Opticians. Board was among the six other health regulatory bodies. That used Mercury IT. Which also fell, according to the ministry.
What effect the incident has had on these services is unclear.
An advocacy group called BusinessNZ has also stated that it will have an effect. An attack on its IT supplier, according to Accuro, a not-for-profit health insurance provider. New Zealand with more than 34,000 members, “has disrupted” its “day-to-day operations and customer service.”
It comes after a significant ransomware incident involving Medibank, a private health insurer in Australia. Last month declared it would not be paying an extortion payment. After hackers obtained access to the data of 9.7 million current and former customers. Including 1.8 million international customers living abroad and started posting the details online.
A new permanent joint standing operation between the Australian Federal Police (AFP). The Australian Signals Already there is the directorate as a result of the incident. Which has sparked nationwide outrage and prompted the Australian government to “offensively attack” the organizations responsible for ransomware incidents.
It happens a week after the UK declared it will impose new mandatory reporting requirements. On MSPs to disclose cyber events, along with minimum security. Criteria that could result in fines of up to £17 million ($20 million) for non-compliance.
In a statement defending the decision, the government noted. That MSPs “play a central role in supporting the UK economy” and issued a warning. They “are employable as staging points through which threat actors can compromise the clients. Those managed services” as they are “an attractive and high-value target for malicious threat actors.”