{
	"id": "2d85ba80-5060-4546-92c5-39f1ca67e655",
	"created_at": "2026-04-06T00:19:05.677273Z",
	"updated_at": "2026-04-10T13:11:24.472808Z",
	"deleted_at": null,
	"sha1_hash": "b54b0d857a451bd2a679b65a71083edfe89d738f",
	"title": "New Zealand hospitals infected by ransomware, cancel some surgeries",
	"llm_title": "",
	"authors": "",
	"file_creation_date": "0001-01-01T00:00:00Z",
	"file_modification_date": "0001-01-01T00:00:00Z",
	"file_size": 42864,
	"plain_text": "New Zealand hospitals infected by ransomware, cancel some\r\nsurgeries\r\nBy Laura Dobberstein\r\nPublished: 2021-05-19 · Archived: 2026-04-05 19:58:49 UTC\r\nNew Zealand's Waikato District Health Board (DHB) has been hit with a strain of ransomware that took down\r\nmost IT services Tuesday morning and drastically reduced services at six of its affiliate hospitals.\r\nThe attack disabled all IT services except email. Patient notes became inaccessible, clinical services were\r\ndisrupted, and surgeries postponed. Phone lines went down and hospitals were forced to accept urgent patients\r\nonly.\r\nYesterday, Waikato DHB chief executive Kevin Snee told local outlet Stuff that it could be days before systems\r\nare running again. In the meantime, hospital staff have turned to old fashioned pen and paper and referring non-emergency cases elsewhere.\r\nWaikato DHB said today in a canned statement:\r\nAt affiliate Waikato Hospital, 29 out of 102 elective inpatient surgeries were postponed today. Yesterday, six out of\r\n101 were cancelled. At affiliate Thames Hospital, all elective surgeries were postponed. All outpatient activity was\r\ndeferred at affiliate hospitals in rural areas.\r\nThe organisation added:\r\nThe head of Waikato DHB has decided not to pay a ransom, a decision also made by the Scottish Environmental\r\nProtection Agency when it was attacked by WizardSpider-deployed Conti malware last January.\r\nThe Kiwi infection follows WizardSpider's attack last week that resulted in a Irish hospital cancelling outpatient\r\nappointments.\r\nColonial Pipeline suffers server gremlins, says it's not due to another ransomware infection\r\nAxa insurance offshoots pwned as Ireland reveals second ransomware hit\r\n48 ways you can avoid file-scrambling, data-stealing miscreants – or so says the Ransomware Task Force\r\nEmotet malware self-destructs after cops deliver time-bomb DLL to infected Windows PCs\r\nSeveral ransomware operators have pledged that they will not target medical organisations during the current\r\npandemic, but apparently both honour and consistency is lacking among thieves.\r\nThe Register understands that institutions and businesses with ties to the hospital system have been alerted to the\r\nsituation, are aware of the potential for the ransomware infection to spread quickly, and are acting accordingly to\r\nprotect their operations. ®\r\nhttps://www.theregister.com/2021/05/19/new_zealand_hospitals_taken_down/\r\nPage 1 of 2\n\nSource: https://www.theregister.com/2021/05/19/new_zealand_hospitals_taken_down/\r\nhttps://www.theregister.com/2021/05/19/new_zealand_hospitals_taken_down/\r\nPage 2 of 2",
	"extraction_quality": 1,
	"language": "EN",
	"sources": [
		"ETDA"
	],
	"origins": [
		"web"
	],
	"references": [
		"https://www.theregister.com/2021/05/19/new_zealand_hospitals_taken_down/"
	],
	"report_names": [
		"new_zealand_hospitals_taken_down"
	],
	"threat_actors": [],
	"ts_created_at": 1775434745,
	"ts_updated_at": 1775826684,
	"ts_creation_date": 0,
	"ts_modification_date": 0,
	"files": {
		"pdf": "https://archive.orkl.eu/b54b0d857a451bd2a679b65a71083edfe89d738f.pdf",
		"text": "https://archive.orkl.eu/b54b0d857a451bd2a679b65a71083edfe89d738f.txt",
		"img": "https://archive.orkl.eu/b54b0d857a451bd2a679b65a71083edfe89d738f.jpg"
	}
}