Latest news with #JulianWendt
Techday NZ
05-08-2025
- Techday NZ
Over 150 million NZ records for sale as cyber threats grow
New research from nWebbed Intelligence has identified that over 150 million compromised records linked to New Zealand are accessible on the dark web, including thousands belonging to employees of government departments, local banks, and healthcare institutions. The nWebbed NZ Cybersecurity Study reviewed more than 30 billion breach records, revealing compromised credentials for more than 198,000 New Zealand businesses and entities. Specifically, the study found over 18,000 government worker logins, 3,200 banking staff credentials, and 2,000 healthcare accounts among those leaked online. Exposure at scale The passwords and emails discovered are authentic and currently being traded or given away on underground dark web forums, according to the company's analysis. These credentials, the study found, are particularly problematic for the core sectors of New Zealand society. "We are seeing widespread exposure of compromised credentials linked to core parts of the New Zealand economy, including health providers, government agencies, banks and large-scale businesses. "These are trusted institutions that Kiwis interact with every day, and they are real emails and passwords sitting in the wild. They're searchable, for sale and vulnerable to exploitation," he says. The study cross-referenced global breach records against local email domains to determine the specific exposure of New Zealand organisations. Impact and warning Julian Wendt, founder of nWebbed Intelligence, cautioned that many organisations are unaware their credentials have been exposed on the dark web and that the threat landscape is evolving swiftly. He emphasised that compromised accounts may still be vulnerable long after an initial breach and that the same credentials may appear across several unrelated data leaks. "It's not that someone was hacked once and that's it. In many cases, credentials from five or six separate breaches are still sitting out there, waiting to be exploited," he says. Wendt suggested that New Zealand needs to accelerate its cybersecurity response practices to mitigate this recurring threat. "You can't wait for the ransom note to start caring about where your data ends up. We need a preventative model, and that starts with visibility. "Most organisations are watching their perimeter, not what's already leaked. But if your staff credentials are out there, especially admin or technical roles, then attackers already have the keys," he says. He describes a situation where the volume of sensitive credentials on the dark web continues to grow at pace, with nWebbed's own database expanding by 2 billion credentials each month. Automated threats Attackers are acting more quickly than before, with some using automated tools to actively search for high-value credentials such as executive or technical staff logins within minutes of a data leak. "In some cases, we've seen attackers move within minutes of credentials appearing online. They're using automated tools to scan for executive logins, technical roles or access to critical systems. "What starts as a single leaked password can escalate into a live intrusion before an organisation even realises there's been a breach," he says. Wendt also noted that many New Zealand institutions continue to underestimate their appeal as targets, often seeing cybercrime as an overseas problem when, in his view, local entities are being used as potential entry points into international networks. "There's still this assumption in New Zealand that cybercrime is something that happens to big overseas companies. But in reality, our companies are being targeted every day, often because we're seen as a soft entry point into larger international networks. "Nearly half of the Fortune 500 companies worldwide have exposed employee credentials available online, and Kiwi companies are facing similar threats. Compromised credentials can be used to access corporate networks, bypass multi-factor authentication or launch phishing attacks," he says. He also referenced a tendency for firms to rely too much on past risk assessments, sometimes overlooking exposures their internal controls may not detect. "Even organisations with good internal cybersecurity practices are often shocked to discover what's floating around publicly. That includes old passwords, unpatched web portals or documents they thought were private. It's not about blaming anyone, it's about visibility," he says. Response and outlook In response to these findings, nWebbed has launched a new threat monitoring platform leveraging artificial intelligence to deliver real-time awareness and help organisations address exposures before they result in breaches. Wendt stressed the importance of awareness and proactive management of external risks by New Zealand businesses. "Most breaches happen because someone didn't know their login details were already out there. This is a solvable problem if you're willing to look," he says. Follow us on: Share on:
Scoop
05-08-2025
- Business
- Scoop
Thousands Of Leaked NZ Govt And Health Agency Credentials On Dark Web
Press Release – nWebbed Julian Wendt, founder of Kiwi tech start-up nWebbed Intelligence, says the findings show New Zealand organisations are underestimating the scale and frequency of cyber risk. Thousands of leaked employee credentials from government departments, local banks and healthcare organisations are among more than 150 million compromised records tied to New Zealand accessible on the dark web, according to new research. The nWebbed NZ Cybersecurity Study, which analysed over 30 billion credentials available for sale on the dark web – a hidden part of the internet used as an illegal marketplace by criminals, has revealed an alarming level of vulnerability among Kiwi businesses, with compromised credentials linked to more than 198,000 New Zealand companies and entities. In addition, the usernames and passwords of more than 18,000 NZ Government workers, 3,200 banking staff and 2,000 healthcare organisation accounts with privileged access to sensitive information were also found in leaked databases on the dark web. The study analysed global breach records and cross-referenced them with local email domains to identify exposure. Julian Wendt, founder of Kiwi tech start-up nWebbed Intelligence, which has built the world's fastest-growing database of dark web credentials, says the findings show New Zealand organisations are underestimating the scale and frequency of cyber risk. He says an urgent review of cybersecurity protocols, credential management systems and third-party access controls across the country's sensitive institutions and corporations is needed to secure exposed systems and protect the privacy of consumers whose personal data is at risk. 'We are seeing widespread exposure of compromised credentials linked to core parts of the New Zealand economy, including health providers, government agencies, banks and large-scale businesses. 'These are trusted institutions that Kiwis interact with every day, and they are real emails and passwords sitting in the wild. They're searchable, for sale and vulnerable to exploitation,' he says. Wendt says many breaches are going undetected for months or even years, and the data is still circulating. 'It's not that someone was hacked once and that's it. In many cases, credentials from five or six separate breaches are still sitting out there, waiting to be exploited,' he says. Wendt says New Zealand urgently needs to shift away from reactive cybersecurity practices. 'You can't wait for the ransom note to start caring about where your data ends up. We need a preventative model, and that starts with visibility. 'Most organisations are watching their perimeter, not what's already leaked. But if your staff credentials are out there, especially admin or technical roles, then attackers already have the keys,' he says. Wendt says their database is growing by 2 billion credentials each month as the global rate of breaches accelerates. He says in response to the volume of sensitive credentials available online, nWebbed has launched a new threat monitoring platform that uses artificial intelligence to help organisations close critical security gaps in real time, enabling businesses to act before data is weaponised. Wendt says the time between a data leak and active exploitation is narrowing, particularly for high-value targets. 'In some cases, we've seen attackers move within minutes of credentials appearing online. They're using automated tools to scan for executive logins, technical roles or access to critical systems. 'What starts as a single leaked password can escalate into a live intrusion before an organisation even realises there's been a breach,' he says. Wendt says part of the problem is cultural. 'There's still this assumption in New Zealand that cybercrime is something that happens to big overseas companies. But in reality, our companies are being targeted every day, often because we're seen as a soft entry point into larger international networks. 'Nearly half of the Fortune 500 companies worldwide have exposed employee credentials available online, and Kiwi companies are facing similar threats. Compromised credentials can be used to access corporate networks, bypass multi-factor authentication or launch phishing attacks,' he says. Wendt says too many companies rely on outdated risk assessments and miss critical external vulnerabilities. 'Even organisations with good internal cybersecurity practices are often shocked to discover what's floating around publicly. That includes old passwords, unpatched web portals or documents they thought were private. It's not about blaming anyone, it's about visibility,' he says. Wendt says the next step is to raise awareness and get more Kiwi companies treating external digital hygiene as seriously as they do internal firewalls. 'Most breaches happen because someone didn't know their login details were already out there. This is a solvable problem if you're willing to look,' he says.
Scoop
05-08-2025
- Business
- Scoop
Thousands Of Leaked NZ Govt And Health Agency Credentials On Dark Web
Thousands of leaked employee credentials from government departments, local banks and healthcare organisations are among more than 150 million compromised records tied to New Zealand accessible on the dark web, according to new research. The nWebbed NZ Cybersecurity Study, which analysed over 30 billion credentials available for sale on the dark web - a hidden part of the internet used as an illegal marketplace by criminals, has revealed an alarming level of vulnerability among Kiwi businesses, with compromised credentials linked to more than 198,000 New Zealand companies and entities. In addition, the usernames and passwords of more than 18,000 NZ Government workers, 3,200 banking staff and 2,000 healthcare organisation accounts with privileged access to sensitive information were also found in leaked databases on the dark web. The study analysed global breach records and cross-referenced them with local email domains to identify exposure. Julian Wendt, founder of Kiwi tech start-up nWebbed Intelligence, which has built the world's fastest-growing database of dark web credentials, says the findings show New Zealand organisations are underestimating the scale and frequency of cyber risk. He says an urgent review of cybersecurity protocols, credential management systems and third-party access controls across the country's sensitive institutions and corporations is needed to secure exposed systems and protect the privacy of consumers whose personal data is at risk. 'We are seeing widespread exposure of compromised credentials linked to core parts of the New Zealand economy, including health providers, government agencies, banks and large-scale businesses. 'These are trusted institutions that Kiwis interact with every day, and they are real emails and passwords sitting in the wild. They're searchable, for sale and vulnerable to exploitation,' he says. Wendt says many breaches are going undetected for months or even years, and the data is still circulating. 'It's not that someone was hacked once and that's it. In many cases, credentials from five or six separate breaches are still sitting out there, waiting to be exploited,' he says. Wendt says New Zealand urgently needs to shift away from reactive cybersecurity practices. 'You can't wait for the ransom note to start caring about where your data ends up. We need a preventative model, and that starts with visibility. 'Most organisations are watching their perimeter, not what's already leaked. But if your staff credentials are out there, especially admin or technical roles, then attackers already have the keys,' he says. Wendt says their database is growing by 2 billion credentials each month as the global rate of breaches accelerates. He says in response to the volume of sensitive credentials available online, nWebbed has launched a new threat monitoring platform that uses artificial intelligence to help organisations close critical security gaps in real time, enabling businesses to act before data is weaponised. Wendt says the time between a data leak and active exploitation is narrowing, particularly for high-value targets. 'In some cases, we've seen attackers move within minutes of credentials appearing online. They're using automated tools to scan for executive logins, technical roles or access to critical systems. 'What starts as a single leaked password can escalate into a live intrusion before an organisation even realises there's been a breach,' he says. Wendt says part of the problem is cultural. 'There's still this assumption in New Zealand that cybercrime is something that happens to big overseas companies. But in reality, our companies are being targeted every day, often because we're seen as a soft entry point into larger international networks. 'Nearly half of the Fortune 500 companies worldwide have exposed employee credentials available online, and Kiwi companies are facing similar threats. Compromised credentials can be used to access corporate networks, bypass multi-factor authentication or launch phishing attacks,' he says. Wendt says too many companies rely on outdated risk assessments and miss critical external vulnerabilities. 'Even organisations with good internal cybersecurity practices are often shocked to discover what's floating around publicly. That includes old passwords, unpatched web portals or documents they thought were private. It's not about blaming anyone, it's about visibility,' he says. Wendt says the next step is to raise awareness and get more Kiwi companies treating external digital hygiene as seriously as they do internal firewalls. 'Most breaches happen because someone didn't know their login details were already out there. This is a solvable problem if you're willing to look,' he says.
RNZ News
05-08-2025
- Business
- RNZ News
Cybersecurity warning: 'Widespread exposure of compromised credentials'
Employee records linked to more than 198,000 NZ companies and entities were found on the dark web. File photo. Photo: Andrew Brookes, AB Still Ltd, Thousands of leaked credentials for employees from NZ government departments and healthcare organisations can be found on the dark web, says a digital security firm. The data is part of more than 150 million compromised records connected to New Zealand that is accessible on the dark web, according to a study by Kiwi tech start-up nWebbed Intelligence. The company's cybersecurity study analysed more than 30 billion credentials available for sale on the dark web and found links to more than 198,000 New Zealand companies and entities. It also found the usernames and passwords of more than 18,000 NZ government workers, 3200 banking staff and 2000 healthcare organisation accounts were also found in leaked databases. nWebbed Intelligence founder Julian Wendt said local organisations were underestimating the scale of cyber risk, and am urgent review of cybersecurity protocols was needed in the country's sensitive institutions and corporations. "We are seeing widespread exposure of compromised credentials linked to core parts of the New Zealand economy, including health providers, government agencies, banks and large-scale businesses. "These are trusted institutions that Kiwis interact with every day, and they are real emails and passwords sitting in the wild. They're searchable, for sale and vulnerable to exploitation." He said some breaches were going undetected for years. "It's not that someone was hacked once and that's it. In many cases, credentials from five or six separate breaches are still sitting out there, waiting to be exploited." Qantas recently revealed an attack by cybercriminals may have accessed as many as six million customer records. Sign up for Ngā Pitopito Kōrero , a daily newsletter curated by our editors and delivered straight to your inbox every weekday.
NZ Herald
05-08-2025
- NZ Herald
Dark web password risk: NZ Govt, healthcare provider, bank staff logins found for sale
Wendt would not name those affected for security reasons, but said he had shared his findings with the healthcare providers and others affected by apparent active account breaches. He had also informed the Office of the Privacy Commissioner and the GCSB's National Cyber Security Centre (NCSC) about his investigation, he said (neither agency immediately returned a request for comment). Hackers gaining access to a healthcare staffer's login didn't necessarily mean security holes in a hospital's network or a successful 'phishing' attack (when a hacker pretends to be a legitimate service). It could be that the staff member used their work email address – and their work password – when they created an account with another site, which was then compromised. Founder of nWebbed, Julian Wendt. The Herald sighted a list of logins and passwords (the latter obscured by Wendt) used by employees of a private company (not in banking or healthcare). Some of the logins were 10 or more years old, and all had been used to set up accounts with third-party sites rather than being active logins for their company's own systems. The company concerned forced its users to constantly change its passwords, with logins also subject to multi-factor authentication in the form of confirmation messages sent to a user's cellphone. However, Wendt said he has seen credentials for sale on the dark web within minutes of an attack and that multi-factor authentication could be circumvented if a hacker had even brief access to a network. 'Most organisations are watching the perimeter, not what's already leaked,' he said. Credentials and documents from previous breaches were often sitting on the dark web without an organisation realising. What does it cost to buy stolen credentials? Wendt says he's found some Kiwis' credentials sloshing around on the dark web for free. He says hackers often display a limited number of users' credentials (including logon names and full passwords) as a free taster for a full stolen list. At other times, they simply display them to brag. And when a username and password is tied to, for example, a specific bank account with a known balance, it can attract a premium price (see list below). However, most of the 198,000 compromised credentials that Wendt found came within bulk lots, available at low cost. He showed the Herald one post where a seller was providing free access to 900,000 credentials as a taster for a collection of 200 million – available for a one-off cost of US$2000 ($3390) or a via a monthly subscription to the seller's 'collection' for US$200 for your first month then US$100 per month. A June 2025 study by multinational credit reporting company Experian found the following prices for individual credentials on the dark web (its US dollar finds are converted to rounded NZ dollars): Hacked Gmail account: $8 Hacked social media account: $33 to $42 Passport: $83 Driver's licence: $250 Crypto account details: $33 to $4410 A separate study by managed network and security provider Crowdstrike said typical dark web prices also included: Stolen bank login, minimum $2000 in account: $60 Stolen credit card details, balance up to $5000: $125 What is the dark web? Wendt borrowed a Star Wars phrase to describe the dark web as a 'reteched hive of scum and villainy'. More specifically, he said it is 'an area of the internet that requires special software to access'. 'It's not indexed by search engines by Google; you have to know where you want to go before you start – some 'surface' websites help with that.' Once you make it to one dark web site, it often grants access to others. Wendt says his earlier career has included working for Hackers Without Borders, a volunteer group that has helped the Red Cross and other non-profits close vulnerabilities in their tech systems. He says he set up the (now six-person) nWebbed in mid-2023 out of 'frustration' that there was no middle ground between basic free services for tracking if your credentials were on the dark web, such has as the New York Times-namechecked HaveIBeenPwned, and corporate services that cost hundreds of thousands of dollars. Wendt says his firm has used AI and machine learning in its analysis and stalking of dark web cyber-crime platforms. He adds, 'I've been in this game for well over a decade, so have access to some of the channels where cybercriminals often share their loot quite freely.' Use a pass phrase, not a password This far into the cyber-security crisis, most people are aware of the usual tips, which include: Using a different password for every service Using a complex password including names and special characters Using multifactor authentication (MFA – a confirmation message sent to a cellphone number or app) when it's an option Never accessing online banking or any other sensitive service over a public Wi-Fi network. Using a password manager – which could be the password manager built into your web browser – to suggest (and remember) a strong password for every site Run constant health checks (for example, in the most popular web browser, Chrome, click the three dots at top right, Passwords, then Password Manager then click the options to see weak passwords and repeated passwords) Wendt says his number one security tip is to use a 'pass phrase' as your password for a site. 'It could be a line you'll be able to remember because it's from one of your favourite songs, books, or movies,' he says. A number of security experts have recommended using a pass phrase in security tips they've supplied to the Herald. For Wendt, it's his absolute number one tip for defeating hackers' automated systems. 'It's length that makes the difference, more than complexity,' he says. In his view, forcing staff or customers to constantly change passwords can have its drawbacks. Some would get fed up and use a guessable password and only make a minor tweak each time, such as changing a number on the end. Chris Keall is an Auckland-based member of the Herald's business team. He joined the Herald in 2018 and is the technology editor and a senior business writer.
