Waikato District Health Board (DHB) has engaged external assistance to help it address a cyber security incident affecting its information services environment.
Waikato DHB said in a social media update posted on the morning of 18 May that it was experiencing a full outage of its information services, with the issue affecting clinical services across its hospitals, including Waikato, Thames, Tokoroa, Te Kuiti and Taumarunui, to varying degrees.
Landline phone services were also down as a result of the incident, including the main Waikato DHB number.
“A coordinated incident management system has been established to resolve the situation as soon as possible. We are currently investigating the cause of this outage,” Waikato DHB said at the time.
By 11:45am on 18 May, Waikato DHB said that it had engaged external assistance to address the cyber security incident affecting its information services environment.
“We are at the early stages of identifying what has happened, and are unable to provide further detail at this stage while we investigate the incident. The appropriate government authorities have been advised of the situation,” the organisation said at the time.
“We are uncertain how long it will take to resolve this situation, but we are working hard to get our services back online,” it said.
Later in the afternoon, Waikato DHB chief executive Kevin Snee took to social media to assure the public that the organisation was working on the issue and was continuing to prioritise customer care despite the disruptions.
“We’re working hard to resolve the issue, but while we do that, there some important messages I wanted to give you,” Snee said in a video recording. “The care of our patients remains our priority. We’re managing our services to ensure all our inpatients are kept safe and receive he appropriate care.”
However, the incident meant that some outpatient clinics and elective surgeries had to be postponed, while the emergency department was only taking urgent patients.
According to a report by media outlet Stuff, Snee said that some communications received by Waikato DHB indicated a ransom attack, but this was still to be verified.
“Irrespective of that, no ransom will be paid,” Snee said, according to the report.
The cyber incident comes several months after the Reserve Bank of New Zealand was hit by a cyber attack thanks to an exploit used to compromise third party provider Accellion's 20-year-old legacy File Transfer Appliance (FTA) software.
In that case, the Reserve Bank of New Zealand said it received no warning for five days after the attack that targeted its file sharing system from the US software vendor.
“We had no warning to avoid the attack which began in mid-December," bank governor Adrian Orr said.
"Accellion failed to notify the Bank for five days that an attack was occurring against its customers around the world, and that a patch was available that would have prevented this breach.”
In January this year, as news of the hack broke, Accellion said it had resolved the vulnerability and released a patch within 72 hours to the less than 50 customers affected.