TAS NZ Bay Limited, which provides accounting services across New Zealand, was added in July to the leak site of PEAR ransomware, a newly identified cyber threat group.
According to Cyber Daily’s exclusive report, the group claimed that approximately 365 gigabytes of data were taken from the firm, including financial documents, contracts, personal identification records, client correspondence, and database contents.
The group also published sample files allegedly extracted from the firm’s systems. These include a copy of a business contract, a scanned bank statement, and a passport image.
The complete dataset has since been made available for public download by the group.
Although the legitimacy of the data has not been independently confirmed, file types and metadata match the claims made by PEAR.
Cyber Daily reported that PEAR, an acronym for “PURE EXTRACTION and RANSOM,” first appeared in late June 2025 and has since listed 18 alleged victims across multiple countries.
The majority of the affected organisations are based in the US, with other incidents reported in Australia, Germany, and New Zealand.
The group does not use encryption methods commonly associated with ransomware campaigns. Instead, its approach involves exfiltrating sensitive information and issuing payment demands based on threats to publicly release the data.
In a negotiation example shared via ransomware monitoring platforms, the group demanded payment of four Bitcoin (roughly $775,000) for the deletion of 3.8 terabytes of data.
The actor reportedly offered a 10% reduction after the targeted business raised affordability concerns, but refused to alter deadlines or remove names from its leak site.
This fixed approach to extortion – without options for negotiation or delay – may limit the likelihood of ransom payments, particularly from smaller organisations.
Government agencies, including in Australia and New Zealand, generally advise against paying ransoms due to the risk of further targeting and limited assurance of data removal.
The incident involving TAS NZ Bay Limited aligns with broader trends in cyber risk awareness, as reported in Beazley’s 2025 Risk & Resilience survey.
The insurer found that 29% of business leaders now identify cyber risk as their most significant concern – up three percentage points from the previous year.
The study also noted a growing gap between executive confidence and the complexity of emerging threats.
While 83% of respondents said they feel equipped to manage cyber threats, Beazley suggests this may not fully account for risks involving AI-driven ransomware, third-party supply chains, or politically motivated attacks.
Hacktivism was highlighted as a growing area of concern, particularly for businesses operating in specific industries or jurisdictions.
Investment in third-party cyber security services is also increasing, with 79% of executives reporting plans to enhance protections via external providers.
A smaller but notable group (37%) plans to invest further in internal capabilities.
Despite optimism around artificial intelligence, 66% of executives anticipate workforce reductions due to automation, and concerns remain elevated around data privacy and IP theft.
Aon’s 2025 Cyber Risk Report adds a financial dimension to the risks associated with cyber incidents.
The report found that public companies affected by cyber events that escalated into reputation-related issues experienced an average 27% drop in shareholder value.
The research examined 1,414 cyber events globally, with 56 classified as having significant reputational impact – typically due to widespread media coverage and market response.
Malware and ransomware were identified as the most common causes of such incidents, representing 60% of reputational cases.
