A hack in August led the healthcare firm to discover previous attacks spanning the prior three years, Tū Ora said. CEO Martin Hefford said in a statement, “While this was illegal and the work of cyber criminals, it was our responsibility to keep people’s data safe and we’ve failed to do that.” It was unclear whether any information was accessed as a result of the hacks.