|Help / Recent Posts / Search / Login / Register|
Stats: 2316 Members, 4478 topics. Date: February 23, 2017, 10:15:45 PM
|Thousands of NZ nursing union email addresses hacked in phishing scam by John E. by Idowu Olabode : November 03, 2016, 12:01:21 PM|
The nurses' union has been hacked in a phishing scam and tens of thousands of member contact details sent to scammers.
On Monday, someone pretending to be the New Zealand Nurses Organisation chief executive, Memo Musa, using a fake Yahoo email, contacted the union and asked for member email contacts.
The information was unfortunately released, the union says.
A statement said not all of the 47,000 members' emails were registered with the union, but the number of addresses sent to scammers was in the tens of thousands.
Acting chief executive Jane MacGeorge said the union was communicating with members to provide advice and the organisation acknowledged the privacy breach was very unfortunate and upsetting for members.
"We have firstly apologised to our members and have started an investigation into how this happened and are working to prevent this from happening again," she said.
MacGeorge said members should consider whether to open any email from a Yahoo address and question whether an NZNO address was correct.
The union was working with the Office of the Privacy Commission, met police from the cybercrime department, and staff from the Ministry of Health and Department of Internal Affairs.
The Department of Internal Affairs has asked Yahoo to shut the fake email.
"We have communicated with the chief executives of district health boards and worked with the general practitioner organisation to get communication out to the health sector about this release of email addresses and are advising them to be on alert."
A union spokeswoman said it was not yet clear how the information was passed to a third party, but someone faked an email from the chief executive.
An internal investigation into how the breach happened was the first step, she said.
"It's not clear. Where the information was sent was a fake email address that looked like the CEO's address.
"Although it's serious it's not at the high level of personal information [such as health information]. This could have happened to anyone in a way. We'll investigate what happened and there will be a review."
The union chief executive is attending a conference overseas.
Members have been sent information about the scam and the union has apologised, a statement said.
"This data breach occurred as a result of a response to a phishing email. Phishing emails are emails that deceive recipients into believing that they are responding to a legitimate request, in this case from the chief executive.
"We are now investigating how this happened."
The union today published some guidelines on how to secure your email, here are the guidelines :
Advice to NZNO Members on how to be safer online
Tips from www.connectsmart.govt.nz (there is more information on this site)
Password protect all your devices
*Make sure your desktop computers, laptops, tablets, and mobile phones are all secured with different passwords
*Use strong or complex passwords (by including a range of upper and lower case letters, numbers and punctuation), particularly for your email and online banking
*Change these passwords regularly
Secure your computer
*Install adequate firewalls
*Keep your anti-virus software up to date
*Ensure your operating software is up to date
*Ensure that you have information safely backed-up. If disposing of a computer, make sure you have removed all personal data and take steps to clean the hard drive.
Be cautious with emails
*Be suspicious of emails from people you don’t know or that look unusual – it may be spam email with malicious software attached
*Delete any suspicious emails or phishing threats without opening them
*Never reply with further information. Even if the threat isn’t real, replying confirms to the sender that your email address is legitimate, and it will increase the amount of spam you receive
*Do not open any attachments if the source of the message is unknown or suspicious – do not enable macros on documents from an untrustworthy sender
*If you open a spam email or its attachments at work, contact your IT department immediately
*If the source appears to be from a legitimate New Zealand company, we recommend reporting it to your IT or security team so they can identify the threat and warn their customers
*Be suspicious of links directing you to unknown websites. If you are not sure, don’t click on them. Hover over links to check if they are legitimate – and only visit trusted or reputable sites. A secure and authentic website will have two e-security symbols: a closed padlock and https:// in the address bar
*Stop and think before signing up to any online services with your work email address – does your work have a policy in place about using your work email? Would it be better to use your personal email?
Be cautious on social media
*Be suspicious of links shared to unknown websites – even if they are from your friends. If you are not sure, don’t click on them. Only visit trusted or reputable sites. *A secure and authentic website will have two e-security symbols: a closed padlock and https:// in the address bar
*Limit the amount and type of identity information you share about yourself, friends and family on your online accounts
*Be aware of, and check your privacy settings, on social media sites
*Change your password relatively often and ensure it is secure, with a mixture of capital and lowercase letters, number and symbols.
*Also, please look on the netsafe website for information about phishing.
To contact us about the release of member email addresses in error please email:
Viewing this topic: 0 Members and 1 Guest
'A Nurse Is Never Out of Job'-Dr. Margaret Dolapo Ekiran HOD Nursing UNILAG
Started by Idowu Olabode
May 02, 2016, 05:17:49 PM
by Idowu Olabode
'I Wouldn't Have Done This At 18': Why I Switched To A Nursing Degree
Started by Idowu Olabode
February 14, 2017, 04:27:17 PM
by Idowu Olabode