Cyber Incident Victim: New Zealand Post
Date:
Sep 2021
Location:
New Zealand
Summary
A denial-of-service attack disrupted online services for multiple New Zealand organizations, including the postal service, banks, weather forecasting agencies, and government ministries, rendering their web platforms inaccessible to users. The incident prompted engagement from national cybersecurity authorities, with government officials acknowledging the disruptions and initiating impact assessments while recovery efforts progressed for some affected entities. No conclusive details regarding the attack's origin or full scope were disclosed during the initial response phase.
| CIA Posture | Motives | Tactics, Techniques & Procedures |
|---|---|---|
| Available to members | 1 motive | 1 technique |
| Threat Actors | Type | Location |
|---|---|---|
| 0 actors | Available to members | Available to members |
Description
On September 8, 2021, multiple New Zealand organizations experienced disruptions to their online services following a denial-of-service cyber attack. The incident affected ANZ, Kiwibank, New Zealand Post, MetService, and the Ministry for Primary Industries, rendering their web services inaccessible to many users throughout the day. Customers reported widespread difficulties accessing digital banking platforms and other critical online services during the outage. The distributed nature of the attack impacted both financial institutions and government agencies simultaneously, indicating a broad targeting strategy. Service interruptions persisted for an undetermined period before ANZ and Kiwibank began showing signs of partial recovery later that day. No specific technical details about the attack vector or traffic volumes were disclosed in initial reports. The incident occurred during normal business hours, maximizing disruption to commercial operations and public service access.
Digital Economy Minister David Clark confirmed Cert NZ, New Zealand's national computer emergency response team, was actively engaged in assessing the incident's scope and coordinating response efforts. Minister Clark emphasized the government's cautious approach to impact evaluation, stating "Efforts to ascertain the impact of this incident are ongoing" during Wednesday afternoon updates. No threat actor claimed responsibility for the attacks, and authorities did not publicly attribute the incident to any specific group or nation-state. The coordinated timing across multiple organizations suggested a deliberate attempt to disrupt essential services rather than targeting specific data assets. Service restoration timelines varied between organizations, with financial institutions appearing to recover faster than some government entities. The incident highlighted vulnerabilities in public-facing digital infrastructure during sustained denial-of-service campaigns. Impact assessments continued beyond the immediate response period as organizations worked to fully restore functionality and evaluate operational consequences.