Security Market Segment LS
Wednesday, 09 October 2019 12:16

NZ’s Commerce Commission takes action over security breach from computer equipment theft Featured

By
NZ’s Commerce Commission takes action over security breach from computer equipment theft Image Stuart Miles, FreeDigitalPhotos.net

New Zealand’s competition regulator The Commerce Commission is working with police and taking a range of actions following the theft of computer equipment belonging to an external provider.

In a statement just issued, the Commission says it was informed last week that more than 200 meeting and interview transcripts across a range of the Commission’s work were contained on computer equipment stolen in a burglary.

According to the Commission the transcripts may date back to early 2016 and contain some confidential information businesses and individuals have provided the Commission.

But the Commission says its own network and systems have not been breached, and the information potentially contained on the stolen computer equipment does not include any documents or general consumer complaints provided to the Commission.

Chief Executive Adrienne Meikle says the Commission has been in close contact with police and is confident that every possible action is being taken to locate and recover the stolen equipment.

“We are in the process of contacting those affected to discuss the details of the information potentially compromised. Some of the information is subject to a confidentiality order issued by the Commission under section 100 of the Commerce Act,” Meikle said.

“This makes it a criminal offence for any person in possession of the devices or information from the devices to disclose or communicate it to anyone while the orders are in force. We are also exploring other potential legal avenues to help protect the confidentiality of the information.

“We will also no longer be using the external provider. It was subject to contractual and confidentiality obligations to ensure that information was stored securely and deleted after use. The provider has informed us it did not meet these obligations.

“While this breach has resulted from criminal activity and our provider failing to meet the obligations we placed on it, it is our job to keep sensitive information safe and we apologise unreservedly to those affected. We acknowledge the distress this incident may cause businesses and individuals who have provided information to us in confidence.”

Commission Chair Anna Rawlings said two separate independent reviews have been initiated in response to the security incident and, in addition, the Commission will be contacting its third-party suppliers to seek assurances that they are meeting its expectations in relation to information handling and have systems and processes in place to protect its information.

“Information security is crucial to our role and it is vital that those who interact with us can be confident in our ability to protect confidential and commercially sensitive information. We have engaged Richard Fowler QC to undertake an independent review of the circumstances that led to this specific incident.

“Separately, we have also engaged KPMG to review our information handling processes, including third-party supplier engagements. These reviews will report directly to me and the Commission Board. We will make the findings public once we have considered them and any recommendations made.”

CHIEF DATA & ANALYTICS OFFICER BRISBANE 2020

26-27 February 2020 | Hilton Brisbane

Connecting the region’s leading data analytics professionals to drive and inspire your future strategy

Leading the data analytics division has never been easy, but now the challenge is on to remain ahead of the competition and reap the massive rewards as a strategic executive.

Do you want to leverage data governance as an enabler?Are you working at driving AI/ML implementation?

Want to stay abreast of data privacy and AI ethics requirements? Are you working hard to push predictive analytics to the limits?

With so much to keep on top of in such a rapidly changing technology space, collaboration is key to success. You don't need to struggle alone, network and share your struggles as well as your tips for success at CDAO Brisbane.

Discover how your peers have tackled the very same issues you face daily. Network with over 140 of your peers and hear from the leading professionals in your industry. Leverage this community of data and analytics enthusiasts to advance your strategy to the next level.

Download the Agenda to find out more

DOWNLOAD NOW!

Peter Dinham

Peter Dinham is a co-founder of iTWire and a 35-year veteran journalist and corporate communications consultant. He has worked as a journalist in all forms of media – newspapers/magazines, radio, television, press agency and now, online – including with the Canberra Times, The Examiner (Tasmania), the ABC and AAP-Reuters. As a freelance journalist he also had articles published in Australian and overseas magazines. He worked in the corporate communications/public relations sector, in-house with an airline, and as a senior executive in Australia of the world’s largest communications consultancy, Burson-Marsteller. He also ran his own communications consultancy and was a co-founder in Australia of the global photographic agency, the Image Bank (now Getty Images).

VENDOR NEWS & EVENTS

REVIEWS

Recent Comments