National Cyber Security Centre to Use International Breach Notification Services

The National Cyber Security Centre (NCSC) of New Zealand’s top intelligence agency Government Communications Security Bureau (GCSB) has joined the government programme of the non-profit service.

The service enables individuals or organisations to identify whether an email address they own has been exposed in a public data breach. Email addresses disclosed in data breaches are collected by malicious cyber actors and may be used to tailor their attacks to specific victims, increasing the risk of cyber security incidents.

While bigger corporations can be adversely affected, their access to funds can allow them to bring themselves back up. Smaller businesses often fold when data breaches happen.

The NPO’s government programme enables the NCSC to receive alerts from this service for official New Zealand Government email addresses disclosed in data breaches. This includes, and is limited to, addresses ending in .govt.nz, .mil.nz, .cri.nz, and .parliament.nz. Once the NCSC receives an alert, it can notify the affected agency and provide advice.

The programme provides an early warning system to users and businesses so they can act quickly before things go out of hand. The service shares only email addresses affected by a data breach with the NCSC. Alerts may reference other affected types of information associated with the email (such as a password), but the information itself is not shared.

Over time, the alerts will also provide the NCSC with insights into cyber hygiene across government, supporting more effective cyber security policy and resilience initiatives.

With all that’s at stake, every New Zealander should benefit from the programme. The NPO offers its services to the government programme at no cost. The non-profit has been helping governments all over the world.