Who is behind the TAS NZ Bay Limited cyberattack?

The attack was claimed by the PEAR ransomware group, which listed TAS NZ Bay Limited on their dark web leak site and published sample data extracted from the accounting firm's systems.

What types of information were exposed in the TAS NZ Bay Limited breach?

The exposed data includes financial records and accounting documents, business contracts and legal agreements, personally identifiable information (PII) records, partners', vendors', and clients' private data, email correspondence, database contents, passport scans and identification documents, and bank statements and account information.

When did the TAS NZ Bay Limited cyberattack occur?

The firm was listed on the PEAR ransomware group's dark web leak site in July 2025, indicating when the cybercriminals publicly claimed responsibility for the attack and began their extortion campaign.

How many individuals were affected by the TAS NZ Bay Limited data breach?

The number of affected individuals has not been disclosed. Given that the breach involved an accounting firm with client data, the impact could potentially affect numerous clients, partners, and vendors whose information was stored in the firm's systems.

What is TAS NZ Bay Limited and where are they located?

TAS NZ Bay Limited is an Auckland-based accounting firm that provides accounting and financial services. The firm serves clients whose sensitive financial and personal information was compromised in this data theft attack.

What makes this attack particularly concerning for an accounting firm?

The attack is particularly concerning because accounting firms handle highly sensitive financial records, business contracts, personal identification documents, and confidential client information. The 365 GB of stolen data likely contains comprehensive financial and personal details of numerous clients and business partners.

How do data theft extortion attacks like PEAR's work?

Data theft extortion attacks involve stealing sensitive information without encrypting the victim's systems. The attackers then threaten to publish or sell the stolen data publicly unless ransom demands are met, creating pressure through potential reputational damage and regulatory consequences rather than operational disruption.

Incident

New Zealand accounting firm TAS NZ Bay Limited hit by ransomware attack, data breach

published: Aug. 7, 2025

Learn More

TAS NZ Bay Limited, an Auckland-based accounting firm, has been hit by a cyber attack claimed by the PEAR ransomware group. The firm was listed on the cybercriminal organization's dark web leak site in July 2025.

The attack resulted in the alleged theft of 365 gigabytes of highly sensitive business and client information. The PEAR group published sample data extracted from TAS NZ Bay Limited's systems, including scanned copies of account statements, business documents, and passport images

Unlike traditional ransomware operations that encrypt victim data and demand payment for decryption keys, PEAR focuses exclusively on data theft without encryption, using extortion tactics by threatening to publish stolen information unless ransom demands are met.

Exposed data includes:

Financial records and accounting documents
Business contracts and legal agreements
Personally identifiable information (PII) records
Partners', vendors', and clients' private data
Email correspondence and communications
Database contents and customer information
Passport scans and identification documents
Bank statements and account information

The number of affected individuals is not disclosed.

TAS NZ Bay Limited has not yet issued a public statement about the incident on their website or through other communication channels.

New Zealand accounting firm TAS NZ Bay Limited hit by ransomware attack, data breach

Read More
Dentsu reports data breach at U.S. subsidiary Merkle …
Akira Ransomware Group claims breach of MetroWest Community …
Data I/O hit by ransomware attack disrupting global …
SEIU Local 1000 state worker union hit by …
NAHGA Claim Services data breach exposes health information …