FAQS for customers who may have had data breached

Network Updates
Following this month’s severe storm, Vector has been made aware of a API vulnerability in its Outage App. 

An unidentified third party exploited an API vulnerability which allowed them to manipulate the application to potentially obtain personal information about other app users who had reported an outage via the app.

Below is some more information for customers who may have been affected.

Data breach FAQS

Why is the outage app no longer working?
  • Vector has been made aware of vulnerabilities in the app which potentially allowed users to see information about other app users. 

  • The accessible information included the names, phone numbers and email addresses of customers who reported an outage as well as data which could lead to the identification of their address. 

  • The data does not include any personal financial information such as bank account or credit card details.

  • We’ve taken down the outage app whilst we address this issue.

When did you find out about this data breach?

We were made aware of this breach on Thursday 26 April and took immediate action as soon as we were notified.

How many customers were affected?

A number of app customers may have been affected by this data breach.

Am I affected?
  • We will be in contact with affected customers either via email or letter.

  • Emails and letters will be sent over the next few days.

How do I find out if I'm affected
  • If you are one of the customers affected, you will receive either an email or a letter from us.

  • The email will be sent from privacy@vector.co.nz  

When will you tell me?
As soon as possible
Has my data been breached?
  • The accessible information includes the names, phone numbers and email addresses of customers who reported an outage as well as data which could lead to the identification of their address.

  • The data does not include any personal financial information such as bank account or credit card details.

Do I have to do anything?

Following this breach, we suggest you consider the following precautions:

  • Consider your security for online accounts where you’ve used your email address for account identification.

  • Be aware that following this breach, your email address may potentially be the subject of heightened spam activity, and in all cases we recommend you take care when opening emails and/or clicking on links.

  • Note that Vector will never request passwords or financial information from you over email.

  • For more information on how to ensure your information remains safe and how to recognise potential online scams, visit www.netsafe.org.nz

 
 
What data has been taken?
  • The accessible information includes the names, phone numbers and email addresses of customers who reported an outage notification as well as data which could lead to the identification of their address. 

  • The data does not include any personal financial information such as bank account or credit card details.

How do I find out what personal information was breached?
How do I report outages in the future?

If you experience an outage, please call us on 0508 VECTOR (0508 832 867) or visit vector.co.nz for more information.

How long will the outage app be down for?

We are working to resolve the issue and will let customers know as soon as this is completed. 

How can I find out about outages now that the map on the website is gone?

You will be able to find out about outages on our automated phone system by calling 0508 VECTOR (0508 832 867).