Amundson & Amundson data breach: Kitomba customer notice

Were you affected by the Amundson & Amundson data breach? If so, here’s what you need to know. 

  • On 29 November 2022 Kitomba’s customer support overflow provider Amundson & Amundson experienced a ransomware attack.
  • As part of the attack, information from Amundson & Amundson’s database was stolen and is unable to be retrieved.  
  • The data lost includes names, phone numbers and email addresses of people who have tried to contact Kitomba’s support team outside of standard business hours or during peak times.
  • This could include multiple staff member names and phone numbers from one business.
  • This does not include any information stored in Kitomba or Kitomba 1, such as your client data.  


Does this include client data?

No. Only people who have contacted the Kitomba support team outside of standard business hours or during peak times since 2015 are included, and only the name, email and phone number they provided during their call has been compromised. 

The lost data does not include any sensitive information or other information about your business or your clients, nor does it include any information stored in Kitomba or Kitomba 1.

What type of personal information was stolen?

Names, phone numbers and email addresses captured on a call to the Kitomba support team. Not all three were captured every time, and no other information was stolen.

What should I do if I’ve been affected?

To help protect your information and prevent any potential misuse, we recommend that you take the following steps:

  1. monitor your accounts for any suspicious activity;
  2. be cautious of any unsolicited communications that ask for personal information; and
  3. if you receive any suspicious communications that appear to be from Amundson & Amundson, do not respond to them and contact us immediately.

What are you doing to prevent this from happening again?

Amundson & Amundson shutdown their system to prevent further loss of data. They have notified the Office of the Privacy Commissioner, CertNZ and the New Zealand police.

Here at Kitomba we already have strict measures in place to ensure your business and client data is secure when using our software. As a result of this breach by our third party provider, we have revisited our security policies and will be working with our third party providers to ensure they have strict policies and security in place to protect our customer’s information.

We take the protection of your personal information very seriously and sincerely apologise for any concern or inconvenience this may cause. If you have any questions or concerns, please don't hesitate to contact us by emailing support@kitomba.com or by calling us, or you can contact the privacy commissioner on 0800 803 909 or by emailing enquiries@privacy.org.nz. We are here to help and support you.

From, 
The Kitomba team

No video selected

Select a video type in the sidebar.