NZ Uniforms recovered relatively quickly from the attack, but says it may be a while before it knows the extent of any data breach.

New Zealand Uniforms has become the latest Kiwi business to fall victim to a ransomware attack.

The Conti ransomware gang posted an advisory on the ‘dark web’ on Monday indicating it had stolen information from the Wellington-based company.

NZ Uniforms chief executive David Bunnell confirmed it had been subjected to a cyber-attack involving ransomware in late January.

Bunnell said the attack temporarily impacted some of its systems but that they were “fully operational again within 48 hours, minimising the impact to customers”.

NZ Uniforms had not engaged with the hackers and no ransom had been paid or proposed, he said.

“We have notified relevant authorities and are committed to updating them and our other stakeholders as we understand more through our forensic response,” he said.

The Office of the Privacy Commissioner said it had been advised by the company of a possible data breach.

Bunnell said that had been done as a precaution.

“We are in the process of forensic analysis to try and understand the extent of any potential exfiltration, however, this will take some time.”

Since December 2020, businesses have been required to advise the Office of the Privacy Commissioner if they have information lost or stolen that they think has or is likely to cause serious harm.

Bunnell said NZ Uniforms had engaged independent experts and followed advice from Government cyber agency Cert NZ and the National Institute of Standards and Technology after the attack, which he said had aided its quick recovery.

He advised other businesses to be prepared, seek expert advice, review their technology systems and ensure a proper plan was in place to minimise the impact of such attacks.

The company is a major supply of uniforms to schools, businesses and sports clubs, with 17 shops around the country.

Conti ransomware targets Microsoft Windows systems and has been implicated in several hundred attacks since 2020.

Brett Callow, a Canadian-based threat analyst at New Zealand cyber-security company Emsisoft, said it had been a while since a ransomware gang had publicised an attack on a New Zealand firm.

That was after a spate of publicised attacks mid-last-year.

A series of arrests overseas appeared to have since made ransomware gangs more cautious, Callow said.

“Every action they take exposes them to risk, so they’re taking fewer actions and publishing stolen data less frequently.

“They don’t need to do it in every case, only often enough to ensure victims know it’s a possibility and when they think it may actually move the needle and get a company to pay,” he said.