🔒breach.co.nz · the NZ & Australia breach register 🛡️ A Govern service
Register › 🇳🇿 NZ › Technology
Technology sector · leaderboard
Own the Technology leaderboard
The top banner across the Technology overview and every Technology record — one advertiser, exclusively.
Own this leaderboard → breach@govern.co.nz

Neighbourly

🇳🇿 New Zealand · Neighbourly Ltd (Stuff Ltd) · Record NZ-2026-0010
○ Reported — awaiting official confirmation
Reported — awaiting official confirmation. The facts below are drawn from the organisation's own disclosure and credible reporting. Figures are as reported; unknowns are labelled, not estimated by us.
People affected
Not disclosed
Breach date
2026-01
Regulator
High Court (Auckland) injunction
Trust tier
B · Reported

Data exposed

Names, email addresses, posts, private messages and GPS / location data Media-reported

Confidence: Confirmed = regulator/court · Company-confirmed = the organisation's own disclosure · Media-reported = press. Figures without an official source are labelled, not estimated.

What happened

On 1 January 2026 Stuff took its Neighbourly community network offline after user data — including names, emails, posts, private messages and GPS/location data — was offered for sale on the dark web [nb-rnz1]. Stuff filed and obtained a High Court (Auckland) injunction to stop the data spreading [nb-rnz2].

Current status

Investigating. The data-for-sale listing is attacker-sourced; the company’s response and the High Court injunction corroborate a real personal-data breach [nb-rnz1], [nb-rnz2]. No count of affected users has been published, so none is asserted here.

Why it matters

A neighbourhood network’s private messages and location data are highly personal; putting them up for sale exposes members to targeting and scams.

GGOVERN Tabletop Exercises · Govern house Strengthen your cyber resilience — rehearse the decisions that matter. Book a Discovery Call →