Skip to content
LegalVision New Zealand

What Should I Do If I Suspect a Data Breach at My Business?

Avatar photo

By Emma Lindblom

Updated on
Reading time: 5 minutes

Meets editorial guidelines

This article meets our strict editorial principles. Our lawyers, experienced writers and legally trained editorial team put every effort into ensuring the information published on our website is accurate. We encourage you to seek independent legal advice. Learn more.

Follow us on LinkedIn

In Short

  • If you suspect a data breach, immediately consult your incident response plan to guide your next steps.

  • Indicators of a breach include unexpected system behaviour, unfamiliar software, missing data or unauthorised changes to your website.

  • Promptly identify and contain the breach, assess its impact and determine if notification to affected individuals or authorities is required.

Tips for Businesses

Prepare for potential data breaches by developing a comprehensive response plan tailored to your business’s needs. Train employees to recognise signs of breaches and respond appropriately. Regularly update security measures and review your response plan to ensure effectiveness. Being proactive can minimise damage and maintain customer trust.

Summarise with: ChatGPT logo ChatGPT Perplexity logo Perplexity Microsoft Copilot logo Microsoft Copilot
Table of Contents

Many businesses store all of their information online or in digital databases. This is convenient, can reduce costs, and has a lower environmental impact. Digital storage means you can find information more efficiently in a digital database, whereas you may have had to trawl through filing cabinets in the past. However, this greater connectivity means that it is easier to lose information in a data breach. The consequences of a data breach can be devastating, depending on the nature of the information lost. Therefore, you should plan for what to do in the event of a data breach to mitigate these consequences. This article will outline some potential indicators of a data breach and what to do in the aftermath.

What is a Data Breach?

The exact nature of a data breach varies depending on the kind of data compromised. However, it generally refers to when something releases your business’ private and confidential information into an unintended environment. This can include:

  • an unauthorised person gaining access to your information; or
  • the data becoming publicly available.

A data breach can result in unauthorised individuals misusing or sharing your business’ confidential data. They may use it for personal gain or harm either your business or others. Examples of confidential data can include:

  • personal information of both your customers and employees, such as names or phone numbers;
  • sensitive business data, such as financial accounts;
  • personal health information;
  • reputation-damaging information; or
  • intellectual property, such as trade secrets.

REMEMBER: Data breaches are not always the result of a malicious cyberattack. They can be deliberate or accidental. For example, data breaches can occur because an employee sends a confidential email to the wrong person or a third party is taking advantage of bugs or weaknesses in your cybersecurity.

Front page of publication
NZ Website Privacy Policy

This Website Privacy Policy states how a business will deal with the personal information of its users.

Download Now

Indications of a Data Breach

It may not always be easy to spot a data breach, so it is vital to recognise its potential signs. Such indications may include;

  • digital systems running unusually slow;
  • unfamiliar software on your office desktops;
  • missing information from your databases;
  • messages from your website provider about suspicious activity;
  • passwords not working; or
  • business website content you had not approved.

Unfortunately, you can never completely eliminate the risk of a data breach. Therefore, you must implement adequate security controls to avoid them. Otherwise, you run the risk of reputational damage, losing customer trust, and legal penalties.

Continue reading this article below the form

The Aftermath of a Data Breach

If you suspect a data breach, then the first thing you should do is check your incident response plan if you have one. This plan will outline the steps you need to take to mitigate lasting damage to your business and its processes. If you do not have one, ensure you develop one after dealing with the problem. Following a breach, implement preventative measures to stop the same thing from happening again. In the meantime, you should complete the following tasks.

Identify the Breach and Limit Its Harm

The first thing you need to do is stop any further information from being spread. If the leak is ongoing, disconnect any systems that an unauthorised person can access remotely. Do not shut down your systems, or else you may lose evidence of the breach. Reset any access passwords and stop connections between systems to limit spread if the breach was due to a virus.

Next, check security and access logs to find out how the breach happened. Note down everything that has happened so far, including how you noticed the issue and what it has affected, such as your website or email accounts. Try to retain as much evidence as possible.

Evaluate Its Effects

Once you have stopped any further spread of information, you need to identify the full impact of the breach. This means finding out:

  • the nature of the information lost;
  • how much data leaked; 
  • who has the information now; 
  • who the breach has affected; and
  • how harmful the lost information was.

For example, you may have lost confidential data in a breach. However, this data was likely encrypted and the key is still secure. Therefore, the extent of harm is not as bad as it could have been.

Report When Necessary

The next step is to determine whether you have to report this breach. If the information affected was personal information likely to cause serious harm, you must notify the Privacy Commission. You should notify the relevant individual unless informing them would cause greater harm than the breach itself.

Key Takeaways

A data breach occurs when something releases confidential information into an unintended environment, such as the hands of an unauthorised person or to the public. To deal with a breach, you should take steps to limit its spread, determine its cause, and identify its consequences. You must also comply with your legal obligations and report where necessary.

If you would like more information, our experienced data, privacy and IT lawyers can assist as part of our LegalVision membership. For a low monthly fee, you will have unlimited access to lawyers to answer your questions and draft and review your documents. Call us today on 0800 447 119 or visit our membership page.

Frequently Asked Questions

What is a data breach?

A data breach is when something releases your business’ sensitive information into an unsecured environment. This could be the hands of an unauthorised person, or to the general public.

When do I need to report a data breach?

If the data breach included any personal information likely to cause serious harm with its release, then you need to notify the privacy commission. Serious harm could include identity theft or threats of violence.

What are some signs of a data breach?

Signs of a data breach vary, but if something is going wrong with your digital systems then a breach could be a potential cause. These include passwords not working, reports of suspicious activity on your website, or missing sensitive data.

Register for our free webinars

Responsible AI Use: Practical Tips For Businesses

Online
Learn how your business can manage AI’s legal risks effectively. Register for our free webinar.
Register Now

Redundancies and Restructuring: Understanding Your Employer Obligations

Online
Understand your obligations during redundancies and restructuring to protect your business. Register for our free webinar.
Register Now

Tips to Help Your Business Avoid Going to Court

Online
Learn how to resolve disputes efficiently and avoid costly court battles. Register for our free webinar.
Register Now

Supercharging Your Brand: How to Protect Your Brand And Drive Growth

Online
Build a stronger brand by protecting and using your trade marks effectively. Register for our free webinar.
Register Now
See more webinars >
Emma Lindblom

Emma Lindblom

Read all articles by Emma

About LegalVision

LegalVision is an innovative commercial law firm that provides businesses with affordable, unlimited and ongoing legal assistance through our membership. We operate in Australia, the United Kingdom and New Zealand.

Learn more

Related articles

3 Reasons To Limit The Customer Data You Collect

4 Tips For Using a Data Collection Notice on Your NZ Website

10 Privacy Tips for Your NZ Business

5 Business Privacy Mistakes to Avoid

We’re an award-winning law firm

  • Award

    2025 Future of Legal Services Innovation Finalist - Legal Innovation Awards

  • Award

    2025 Employer of Choice - Australasian Lawyer

  • Award

    2024 Law Company of the Year Finalist - The Lawyer Awards

  • Award

    2024 Law Firm of the Year Finalist - Modern Law Private Client Awards

  • Award

    2022 Law Firm of the Year - Australasian Law Awards