Cyber security incident at Langley Twigg
On 11 January 2026 Langley Twigg suffered a security incident that caused us to temporarily take our computers offline. Having completed further investigation, we have now confirmed that this was the result of a third-party cyber attack on Langley Twigg’s IT system. This notification sets out further information about what happened, how we have responded, and our next steps.
We deeply regret this incident and the concern it causes our clients. The security of your information is our highest priority, and we have taken every step to address this situation and prevent future incidents.
What happened?
On 11 January 2026 one of our staff became aware of unauthorised activity on our computer network thanks to our security monitoring software. In response we engaged our IT support provider to take immediate steps to contain the issue. This included switching off and disconnecting the Langley Twigg network from the internet while investigations took place. Our network was targeted by a sophisticated malicious attack using a new strain of a virus that was not recognised by anti-virus programs at the time. An update has since been deployed which recognises this new malware strain.
Before our systems were restored using backup copies, these were thoroughly sanitised and measures taken to further bolster security.
Langley Twigg has engaged digital forensics experts to work with our IT provider. Their investigation has confirmed that the incident was the result of a malicious third-party attack. Unfortunately, the investigation has confirmed that some client data was copied from our file server. We are working to determine the full extent of what was accessed.
We have notified the incident to the Office of the Privacy Commissioner and the New Zealand Police.
Next steps
We are currently working with digital forensics and cyber incident response specialists to identify what information was copied from the file server. Once this is done, we will contact affected clients and discuss steps they may wish to take as a consequence.
We are working intensively on this process, which may take several weeks to complete thoroughly. We will provide regular updates as our investigation progresses and contact affected clients as soon as we can confirm specific impacts.
At the time of the attack, we were in the process of moving to a cloud-based document management system. We are accelerating our planned migration to enhanced cloud-based security infrastructure, which will reduce the risk of any future incidents.
What you can do now
We wanted to contact you now while our investigations and analysis are ongoing to ensure that you are informed and are alert to any suspicious activity. In particular:
· Please be extra vigilant and keep an especially keen eye on transactions in your bank account and credit cards.
· Stay alert for correspondence which seems suspicious or out of place, particularly if that correspondence seeks payment of some kind.
· If you are making a payment to us, we recommend you verify our bank account details over the phone by phoning one of our staff.
· You can find more details about prominent scams and how to keep yourself safe online on the National Cyber Security Centre’s “Own Your Online” website:
Own your online
We are extremely sorry that this has happened. We are working hard to identify whose information may have been compromised and ensure that those affected receive appropriate notifications.
Your usual Langley Twigg contact remains available for queries. However, if you have questions or comments in the interim we would be grateful if these could be sent to
enquiries@langleytwigg.co.nz so we can provide consistent, accurate and up to date information.
