Cyber Incident Victim: Greytown Medical Centre

On August 17, 2019, a global cyber attack compromised a server belonging to Tu Ora Compass Health, a New Zealand healthcare organization, forcing the immediate takedown of its website and those of four affiliated medical centers: Kuripuni, Greytown, Featherston, and Carterton. The attack rendered all five websites inaccessible to the public, disrupting online services for these medical practices in the Wairarapa region. While technical specifics of the intrusion were not disclosed, the incident was characterized as part of a broader international cybersecurity threat. No patient data breaches or clinical system compromises were explicitly confirmed in the available reporting. The operational disruption was limited to website availability, with no evidence suggesting impacts on internal medical systems or appointment scheduling infrastructure.

The attacker, using the alias "VandaTheGod," initially claimed responsibility via Twitter direct messages to DataBreaches.net, framing the incident as a "protest" while exhibiting grammatical errors and typos in communications. When confronted about targeting medical facilities, VandaTheGod denied intentionally attacking healthcare entities, stating "Im no remember hack site medical" and asserting their focus was governmental and educational targets (.gov and .edu domains). This prompted speculation that medical centers might have been compromised incidentally due to potential affiliations with academic institutions. The attacker ceased communication after DataBreaches.net suggested possible domain confusion, offering no further justification. Tu Ora Compass Health implemented containment by taking affected websites offline, though restoration timelines and technical remediation measures were not detailed in public reports. The incident highlighted tensions between hacktivist rhetoric and collateral impacts on essential healthcare infrastructure.