๐Ÿ”’breach.co.nz ยท the NZ & Australia breach register ๐Ÿ›ก๏ธ A Govern service
๐Ÿ›ก๏ธ A Govern service

About breach.co.nz

breach.co.nz is a public register of reported data breaches across New Zealand and Australia. It exists to turn scattered, hard-to-find breach reporting into a single, sourced, searchable record of what has actually happened โ€” and to do it to a standard that stands up to scrutiny.

What we are โ€” and aren't

We are an index of public record, not an investigator. Every entry is drawn from a regulator, a court, or the affected organisation's own disclosure, and every field links back to its source. We don't make original allegations, we don't take public breach submissions, and we never host or link to breached data itself โ€” only the fact that a breach occurred. Where we don't have an official figure, we label the gap rather than estimate it.

A service of Govern

breach.co.nz is published by Govern, our governance and cyber-security brand. Govern helps New Zealand and Australian organisations build security and privacy practices that hold up โ€” the same discipline this register is built on. If the breaches indexed here are the cautionary tales, Govern is the part that helps make sure you're not the next one.

Learn more about Govern โ†’

Corrections & right of reply

Every record carries a correction and right-of-reply path. If you represent an organisation named here and something is inaccurate or out of date, contact us and we will amend or remove it on verified request: breach@govern.co.nz.

How to read the register

Records are labelled Confirmed (Tier A โ€” sourced from a regulator or court) or Reported (Tier B โ€” credible media or company disclosure, awaiting official confirmation). The Methodology page sets out the full field-by-field sourcing standard, and the Learn section explains the concepts and frameworks behind the cases.