The repercussions from cyber attacks are scaring top-level organisations.
One law firm has had a 150 percent increase in requests for specialised training.
The Waikato DHB could be sued if it's found it didn't do everything it could to protect people's personal health information.
The legal repercussions of cyber attacks is scaring the top level of organisations, with more management than ever asking for help.
The Colonial Pipeline hack in North Carolina is the reality of ransomware. There was panic at the pump after a crucial fuel pipeline in the US was taken offline by hackers demanding US$5 million.
Now, extortion is on the doorstep of our state agencies.
"This is a shock across the bow, all DHBs should be improving cyber resilience," DLA Piper partner Nick Valentine says.
Health agencies hold people's personal information, making them profitable prey.
"The Waikato DHB are an obvious target because of the sensitivity of the information they hold," Valentine says.
Valentine says it could even be the target of a legal challenge, making the potential cost even higher and cybersecurity all the more important.
"Worst case would be an obligation to affected individuals."
But how can any organisation prevent human error?
"I can honestly admit that I, myself, being a cybersecurity expert, I've fallen victim to a phishing attack," SafeStack COO Erica Anderson says.
"Because if someone is very motivated and determined, they'll try and crack things that actually look very believable."
Experts are stressing the importance of businesses having a 'human firewall' to identify scams and ransomware attempts.
"It is absolutely critical to have a robust training programme in place," Valentine adds.
For companies providing cybersecurity training, high-profile hacks have seen demand hit the roof.
"It's hearing about stories like this on the news and thinking, 'oh maybe I need to actually think about my own cybersecurity'," Anderson says.
Waikato's an all-too-real warning for businesses to wise up.