You are currently viewing Computer Hacker Steals Personal Data from 20000 Christchurch Hot Pools Customers

Computer Hacker Steals Personal Data from 20000 Christchurch Hot Pools Customers

About the data breach 

Personal information of more than 20,000 members of the public has been stolen in a data breach at Christchurch City Council’s He Puna Taimoana hot pools. 

The stolen information consists copies of driver’s licenses, rates invoices, passports, utility bills, tenancy agreements, and other council membership cards- all contents given by pool users as residence proof. 

The data breach was found on August 24. Pool users were contacted two weeks later- from an email by Nigel Cox, the council’s head of recreation and sport. 

According to him, they were informed about the hack by a third party who had been contacted by an individual who claims to have accessed and downloaded some files stored on the He Puna Taimoana cloud server. 

Following this, Cox has a reason to believe in that the third party who got access and illegally downloaded the files stored on the He Puna Taimoana cloud server is a ‘white hat hacker’, an actor who compromises computer systems or networks to find vulnerabilities to promote improvement or advancement of the systems and network security. 

“The security of your information is Christchurch City Council’s upmost priority and we appreciate the need to provide information regarding the breach to you as quickly as possible”

Current Status 

As of now, the customers have not been told what to do, but they can consider their personal information might be a part of the data breach. The email takes users to the He Puna Taimoana website for more details. 

Affected users can also contact or email the council. Netsafe chief online safety officer Sean Lyons said “worrying” about the data breach. According to him, passport and driver license copies can be misused for identity theft (in worst case scenarios). 

The information from these documents can be used to impersonate someone’s identity. He suggests customers to get new passports and drivers license if they are worried about the data breach. 

For all the inconvenience it is probably better than the worry of someone out there using your passport number, he says. 

Cox said:

At this stage, we have no reason to believe the information has been further disclosed by the third-party actor other than to the third party who has informed us of the breach.

The privacy commissioner has been informed. The council is aware about its duty under the Privacy Act, and the possible effect on customers, and said the council has launched an investigation. 

National reports:

Christchurch residents get cheaper tickets to the pools, which opened in 2020, but are required to provide proof of address to get the discount.

Read the full article here

News Room

Cybervizer is a blog and podcast site that focuses on the latest technology and cybersecurity topics that are impacting enterprises, both small and large. Join us to explore the most important trends in enterprise technology and cybersecurity today. Get true insights into the tech and trends that will impact you and your organization.