An update regarding MediaWorks' cyber security incident

Update on MediaWorks cyber security incident

The claims relate to data from website competition entries.

MediaWorks is continuing to investigate a cyber security incident. Our technology team has confirmed a breach occurred on a database containing information from individuals who have entered online competitions.

As soon as we identified the database concerned it was taken offline and all current competition entries have been moved to a new secure database.

The type of information held in this database includes name, date of birth, gender, address, post code and mobile number. In some cases competition entrants may have uploaded images or videos as part of their entry. The database does not include any passwords, financial information, bank accounts or credit card details.

We are continuing to investigate which parts of the database may have been accessed by an unauthorised party and how this occurred. Our initial assessment indicates the number of unique users in the database is significantly lower than reported.

We are also aware that some individuals may have had direct approaches from the threat actor. Anyone with concerns can get in touch with our privacy office at

MediaWorks is sorry for the concern this is causing, particularly to those who have entered our competitions. We are in contact with the appropriate authorities and will communicate directly with affected parties once we have completed our review.

At this time we would ask Kiwis to be extra vigilant for phishing scams by phone, text or email. Cert NZ recommends whenever you follow a link to a screen that's asking you to log in or enter personal details, you check the domain name in the browser address bar matches the company you expect before you enter any information. Cert NZ also advises against engaging with threat actors or paying ransom for the return of data.