DHB website hack sparks security review
The Waikato District Health Board has launched a review after its website was hacked this week.
About 30 websites in New Zealand and Spain were targeted by the apparently Algerian-based group Dz Informatics Mafia on Thursday night. The group has a Facebook page featuring illustrations with imagery based both on the Italian Mafia and United States street gangs, and bearing the motto, "Live for nothing or die for some thing".
The group's targets appear to have been randomly selected.
When the hackers struck, people trying to access waikatodhb.govt.nz were met with a black screen with the words "hacker inside" highlighted in white text.
It then changed to show the message "Forbidden: Access denied".
As well as the health board's website, other New Zealand organisations targeted included DairyNZ's PeopleSmart recruitment site and the Career Development Association of New Zealand.
Russell Brown, chief executive of Hamilton-based web design and online marketing firm Digital Stream - which provides web services to the DHB - said he was notified of the attack on his company's servers at 8pm.
"We acted immediately to remove the affected pages and take down the websites. We were able to bring back the affected websites around 9.49pm.
"We are currently undertaking a full investigation with an IT security consultant and our data centre and hosting provider to find the root cause of the issue."
The Waikato DHB website does not hold any patient information and such data would not have been able to be compromised, he said.
Health board chief information officer Darrin Hackett said a full review of web security would be conducted by the board, and this would include whether it would retain the services of Digital Stream.
"We will make that call from the results of that review," he said.
It is not the first time Digital Stream's security has been in the spotlight. In December 2011 millions of spam email messages overwhelmed one of the company's email servers receiving Waikato DHB job applications.