Neighbourly: Neighbourly data breach: User names, emails and messages accessed

**Neighbourly Data Breach Exposes User Information, Including GPS and Private Messages**

Neighbourly, a community engagement platform, recently confirmed a data breach involving unauthorized access to sensitive user information. According to a company spokesperson, the exposed data included registered users’ names, email addresses, GPS coordinates, public forum posts, and private member communications. While passwords were not accessed, the breach also compromised publicly advertised events and business addresses.

The company stated that the vulnerability leading to the breach has been addressed, and its platform is now secure. Neighbourly has taken legal action by seeking a court injunction to prevent the misuse of the stolen data. In a public statement, the company apologized to its members for the incident and any distress caused during the investigation.

As part of its response, Neighbourly advised users to remain vigilant against potential scams, particularly those requesting personal information or creating urgency. The company recommended avoiding suspicious email links, manually entering web addresses, and enabling two-factor authentication where possible. Neighbourly confirmed that its website and services are now fully operational following the incident.

Source: https://www.nzherald.co.nz/nz/neighbourly-data-breach-user-names-emails-and-messages-accessed/NIV573OKJBAQDH3VKRVIIDOOFE/

Neighbourly.co.nz cybersecurity rating report: https://www.rankiteo.com/company/neighbourly-co-nz

"id": "NEI1767441726",
"linkid": "neighbourly-co-nz",
"type": "Breach",
"date": "1/2026",
"severity": "85",
"impact": "4",
"explanation": "Attack with significant impact with customers data leaks"

{'affected_entities': [{'customers_affected': 'Registered users',
                        'industry': 'Social Networking/Community Platform',
                        'name': 'Neighbourly',
                        'type': 'Platform'}],
 'customer_advisories': 'Users advised to remain vigilant against scams, '
                        'enable two-factor authentication, and avoid phishing '
                        'links',
 'data_breach': {'personally_identifiable_information': 'Names, email '
                                                        'addresses, GPS '
                                                        'coordinates',
                 'sensitivity_of_data': 'High (PII and private communications)',
                 'type_of_data_compromised': ['Names',
                                              'Email addresses',
                                              'GPS coordinates',
                                              'Public forum posts',
                                              'Private member communications',
                                              'Publicly advertised events',
                                              'Business addresses']},
 'description': 'Unauthorised access to certain categories of data held by '
                'Neighbourly, including registered users’ names, email '
                'addresses, GPS coordinates, public forum posts, private '
                'member communications, publicly advertised events, and '
                'business addresses. Passwords were not accessed.',
 'impact': {'brand_reputation_impact': 'Potential reputational damage due to '
                                       'data breach',
            'data_compromised': 'Registered users’ names, email addresses, GPS '
                                'coordinates, public forum posts, private '
                                'member communications, publicly advertised '
                                'events, business addresses',
            'identity_theft_risk': 'High (exposure of PII such as names, email '
                                   'addresses, GPS coordinates)',
            'legal_liabilities': 'Potential legal actions; seeking court '
                                 'injunction to prevent use of accessed '
                                 'material',
            'operational_impact': 'Platform outage during investigation and '
                                  'remediation',
            'systems_affected': 'Neighbourly platform'},
 'investigation_status': 'Completed',
 'lessons_learned': 'Need for more robust processes to prevent future '
                    'breaches; importance of user awareness and security '
                    'measures like two-factor authentication',
 'post_incident_analysis': {'corrective_actions': 'Issue addressed; platform '
                                                  'secured; processes reviewed '
                                                  'to prevent recurrence'},
 'recommendations': ['Enable two-factor authentication where available',
                     'Remain alert to phishing attempts (unusual calls, '
                     'emails, or texts)',
                     'Avoid clicking links in emails; type web addresses '
                     'directly',
                     'Implement enhanced monitoring and incident response '
                     'processes'],
 'references': [{'source': 'Neighbourly Public Statement'}],
 'regulatory_compliance': {'legal_actions': 'Seeking court injunction to '
                                            'prevent use of accessed material'},
 'response': {'communication_strategy': 'Public apology, user advisories, and '
                                        'updates during investigation',
              'containment_measures': 'Breach quickly contained',
              'recovery_measures': 'Website and services fully operational',
              'remediation_measures': 'Issue addressed; platform restored and '
                                      'secured'},
 'stakeholder_advisories': 'Advisories issued to staff and members on security '
                           'best practices',
 'title': 'Neighbourly Data Breach',
 'type': 'Data Breach'}