Privacy Breach at NZTA Exposes 1,000 Vehicle Owners, Leading to Vehicle Thefts
Privacy Breach at NZTA Exposes 1,000 Vehicle Owners, Leading to Vehicle Thefts
Date: 9 minutes ago
Photo: RNZ / Dom Thomas
A serious privacy breach at the New Zealand Transport Agency (NZTA) has exposed the personal details of nearly 1,000 individuals over the past 12 months, with evidence suggesting that at least 13 vehicles were targeted for theft as a result. The breach was uncovered after an affected individual raised concerns with RNZ, prompting the agency to investigate further.
According to a statement from the NZTA, the unauthorized access was traced back to the Motochek system—an online platform that allows registered users to access information from the Motor Vehicle Register (MVR). The breach was discovered in May 2025, following a customer complaint and an ongoing police investigation. It was found that an ex-employee of Auckland Auto Collections Ltd had used a Motochek account to access the names and addresses of 951 individuals over the course of a year.
The agency has since taken steps to inform the affected individuals, offering updates on the measures being taken to address the breach and providing support to those impacted. In a statement, NZTA expressed deep regret for the inconvenience and distress caused, acknowledging the vulnerability of personal data and the potential risks to individuals' safety.
As part of its response, the agency is collaborating with police to investigate the breach and any vehicles that may have been targeted for theft. Additionally, NZTA has notified the Office of the Privacy Commissioner and is working to strengthen its systems to protect personal information. This includes enhancing policy, contractual, operational, and digital safeguards for the MVR.
One of the affected individuals received a message from NZTA confirming that their full name and address had been accessed. While the agency has not been able to determine the exact reason for the access, it has advised those concerned about their personal safety to contact the New Zealand Police directly.
This incident highlights the growing risks associated with digital data management and the importance of robust cybersecurity measures. In an era where personal information is increasingly stored online, the exposure of such data can have serious consequences—ranging from identity theft to physical threats like vehicle theft.
The NZTA’s response has been both swift and transparent, but the breach has raised important questions about the adequacy of current data protection protocols. As cyber threats continue to evolve, it is clear that agencies responsible for managing sensitive information must remain vigilant and proactive in their efforts to safeguard personal data.
