Ministry statement on ransomware attack

Ministry of Education logo

We advise anyone that believes they may have Kaseya VSA software installed to contact their IT provider in the first instance and undertake the recommended mitigation as per the CERT NZ advisory.

Of the 11 schools (out of roughly 2,500) we initially identified as possibly having been impacted by this global ransomware attack;

  • Two have confirmed they are not impacted as they have not used this software for some time
  • Two have confirmed they use the software and have been impacted by ransomware. They have taken steps to contain the issue which may have a short-term operational impact. There is no evidence of data loss at this stage.
  • Seven also use the software but have no evidence of impact and have shut down the impacted services as a precautionary measure.

One early childhood provider has let us know they use the software and they are taking precautionary measures.

At this stage, we are not aware of any other schools or early learning providers using the software.

Parents need to know that if there is anyone whose personal information has been impacted by this they will be contacted by their education provider directly.

We advise anyone that believes they may have Kaseya VSA software installed to contact their IT provider in the first instance and undertake the recommended mitigation as per the CERT NZ advisory (https://www.cert.govt.nz/it-specialists/advisories/kaseya-management-software-being-used-to-deploy-ransomware(external link)