Our IT company has advised us that they are the victim of a cyber-attack. The cyber terrorists have accessed all of their servers, including their back up servers (which incidentally are held and secured completely separately), and the data is now being held to ransom. It appears that the information has been encrypted rather than stolen. The government, NZ Police and international agencies are all involved in finding a resolution.
The IT company manages many large clients (much, much larger than us) and you may see information about this on the news. Fortunately, all that is affected for us is BORIS – our contact management and audit booking system. All of our emails and office, client and auditor files are held in a different place and are not affected by this.
What has been breached is publicly available and non-sensitive information including names, addresses, email addresses and phone numbers. No personal information is held on BORIS. It seems unlikely we will get this information back unencrypted from the terrorists.
This is going to cause a fair amount of disruption to us, as we rely heavily on BORIS. Fortunately, we are well down the path of migrating to a new and more modern web-based version of BORIS. We will now expedite the ‘stand-up’ of BORIS 2.0 (which was going to occur mid-January) and are hopeful this will be to a stage where we can rely on the information in BORIS 2.0 within the next week or two. We ask for your patience during this phase.
As you can imagine, we are absolutely gutted this has happened at the end of what has been a busy and stressful year. Please bear with us as we work through the migration and mitigate the issues associated with this attack.
Please do get in contact with me if you have any concerns.
Meri Kirihimete and warm wishes for the New Year,
Cathy Cummings | manukura, director, specialist advisor
p: +64 21 470 332