Cyber security incident at Langley Twigg

26 January 2026

Two weeks ago Langley Twigg suffered a security incident that caused us to temporarily take our computers offline. Having completed further investigation, we have now confirmed that this was the result of a third-party cyber attack on Langley Twigg’s IT system. This notification sets out further information about what happened, how we have responded, and our next steps.


What happened?

On 11 January 2026 our security monitoring software alerted us to unauthorised activity on our computer network. In response we engaged our IT support provider to take immediate steps to contain the issue. This included switching off and disconnecting the Langley Twigg network from the internet while investigations took place. Despite being protected by cyber security software, our network had suffered a malicious attack, and was infected with a new strain of a virus that was not known to our anti-virus program at the time. An update has since been deployed which recognises this new malware strain.

Before our systems were restored using backup copies, these were thoroughly sanitised and measures taken to further bolster security.


Langley Twigg has engaged digital forensics experts to work with our IT provider. Their investigation has confirmed that the incident was the result of a malicious third-party attack. Unfortunately, it has also confirmed that the third-party extracted a portion of the data from our file server, which contained both internal information relating to Langley Twigg’s operations and some client documents. 


We have notified the incident to the Office of the Privacy Commissioner and the New Zealand Police. 


Next steps

We are currently working with digital forensics and cyber incident response specialists to identify what information was copied from the file server. Once this is done, we will contact affected clients and discuss steps they may wish to take as a consequence. 


We are working intensively on this process but please understand that this may take some time to work through. We will provide further updates as our investigation progresses.


At the time of the attack, we were in the process of moving to a cloud-based document management system; this process will be completed shortly and will reduce the risk of any future incidents.


What you can do now

We wanted to contact you now while our investigations and analysis are ongoing to ensure that you are informed and are alert to any suspicious activity. In particular:

  •   Please be extra vigilant and keep an especially keen eye on transactions in your bank account and credit cards.
  •   Stay alert for correspondence which seems suspicious or out of place, particularly if that correspondence seeks payment of some kind. 
  •  If you are making a payment to us, we recommend you verify our bank account details over the phone by phoning one of our staff.
  • You can find more details about prominent scams and how to keep yourself safe online on the National Cyber Security Centre’s “Own Your Online” website: Own your online

We are extremely sorry that this has happened. We are working hard to identify whose personal information may have been compromised and ensure that those affected receive appropriate notifications. 

If you have queries or comments in the interim we would be grateful if these could be sent to enquiries@langleytwigg.co.nz so we can provide consistent, accurate and up to date information.