News

Phishing Event

On the 26^{th of} July 2024, one of our staff members experienced a sophisticated phishing event, whereby they opened an email from a trusted PLD provider that contained a shared Office 365 file.  The staff member emailed the sender, to check if the file was genuine and the response was positive so attempted to open it.   It turned out that the respondent was not the PLD provider, it was the scammer (also known as “bad actor”) who had gained access to their email.  This resulted in the staff member’s email being hacked and used to onward send the file via their email to their ever-growing database. 

Immediate action was taken including sending a warning email to all staff, principals and other key contacts and the password was changed, and an email automatic response was set up. There were no student information breaches.

Notifications were made and actions were taken according to the guidelines and additional security steps have been put in place including Two Factor Authentication for all Te Whiri Kōkō staff, updated guidelines and processes. 

If you were impacted by this event, please change your password immediately and follow the recommended guidelines from your IT specialist support.  

For more information on how to deal with phishing events and preventative measures, please see this site.  Protect your school from cyber attacks and cyber security breaches – Education in New Zealand