Statement of notification

Public notice of privacy breach

Updated: 13 August 2024

What happened?

In June 2024, Competenz experienced a cyber attack, resulting in unauthorised access to
our IT system and theft of data.

Competenz immediately notified Competenz learners and stakeholders, and relevant
authorities.

The attack resulted in cyber-criminals extracting a range of data including personal
information of some of our past and present learners, past and present employers,
assessors, staff and business partners.

We would like to take this time to explain what has happened to those we have been unable
to contact. We also want to say we are sincerely sorry to anybody affected - we recognise
the impact of the theft of this personal information.

What personal information is involved?

The types of personal information stolen include names, contact details, dates of birth,
copies of identity documents such as passports, birth certificates, driver licenses, citizenship,
residence, and visas, other information regarding students and employees, and financial
information including cards and bank account numbers.

Notification to those affected

We have been attempting to individually notify those past and present learners, past and
present employees, and stakeholders whose information we believe has been compromised.
This is a notification to those affected people who we have not been able to contact directly,
or who have not successfully received a direct notification email or letter from us.

Steps affected individuals can take to protect themselves

If you suspect you may have been affected, please contact us by visiting the Competenz Cyber Response webpage. Please complete the form at the bottom of the page and we will respond with relevant information as soon as possible.

We recommend the following steps to safeguard your information:

  • Use the DIA Checklist: Refer to the Department of Internal Affairs’ online checklist for steps to take in relation to driver licences and passports: Identity Theft Online Checklist.
  • Stay alert: Watch for any suspicious communications or phishing attempts.
  • Monitor accounts: Regularly check your financial and online accounts for unauthorized activities.
  • Check your credit record: Check your credit record to confirm if your identity has been used to obtain credit without your knowledge. Please refer to here for further information.
  • Update security: Change passwords and enable two-factor authentication where possible.

For ongoing updates and information visit the Competenz website. Any inquiries regarding this breach should be directed to cyberinfo@competenz.org.nz

 

Affected individuals have the right to make acomplaint to us or to the Office of the Privacy Commissioner.

What steps has Competenz taken?

Competenz isolated the affected systems as soon as the attackwas discovered.However Competenz moved to ensure its IT environment and systems were operational asquickly as possible to minimise impact on its learners, employers andstakeholders. It has also put in placesystems to enhance cyber security resilience.

Since the June incident, Competenz has issued updates about the breach to its learners and stakeholders, keeping them informed of the investigations and providing information about taking precautions to protect personal.  

This has included being in direct contact with known impacted individuals, providing support and advice as required. Details of the attack have been posted on the Competenz website.

View our annual reports
View reports
Frequently asked
FAQsFree apprenticeships
Te Pūkenga
OverviewWorkforce Development CouncilsReform of Vocational Education
Competenz is a Business Division of Te Pūkenga – New Zealand Institute of Skills and Technology.
About Te PūkengaPrivacy PolicyTerms of UsePrivacy Policy
Copyright © 2024 Competenz All rights reserved.