Report a Council System Security Breach - Wellington

In Wellington, Wellington Region, reporting a suspected council system security breach promptly helps protect public services and personal data. This guide explains how to notify Wellington City Council, when to escalate to national agencies, what enforcement or remedial actions may follow, and where to find official forms and contacts. It is written for staff, contractors, and members of the public who discover unusual access, data loss, ransomware, or other cybersecurity incidents affecting council systems. Follow the step checklist in How-To to preserve evidence, report securely, and meet any legal or contractual notice requirements.

Penalties & Enforcement

Wellington City Council does not publish specific monetary fines for internal system security breaches on its public reporting pages; statutory criminal offences or civil remedies may apply under national law or contract. For council-managed systems, initial enforcement and response are handled as an operational security incident; criminal investigation or prosecution would be a matter for national authorities where appropriate.^[1] For national incident reporting and guidance, CERT NZ provides reporting pathways and advice but does not set council fines.^[2]

Typical enforcement elements

• Non-monetary orders: suspension of accounts, revoked access, system quarantine or shutdown.
• Criminal investigation: referral to police or national agencies for offences (penalties not specified on the cited page).
• Civil remedies: contractual claims, remediation costs, or injunctions (not specified on the cited page).
• Monetary fines: not specified on the cited council page; national statutes may prescribe penalties.

Enforcer, inspection and complaint pathways

The council handles initial reports through its online reporting and ICT/ Digital Services processes; details for submitting incident reports are on the council reporting page.^[1] If the breach involves suspected criminal activity, the council or the reporter may escalate to Police or CERT NZ for national coordination.^[2]

Appeals, review and time limits

Formal appeal or review routes for enforcement decisions are not specified on the cited council reporting page. For decisions involving suspension of accounts or service restrictions, ask the council for the specific review or complaints procedure referenced in their decision notice (details not specified on the cited page). For criminal charges, statutory time limits and appeal rights under national law apply.

Defences and discretion

The council may consider "reasonable excuse" or permitted access under contract or role-based permissions in its internal review, but specific defences and discretion provisions are not published on the public reporting page.

Common violations and likely outcomes

• Unauthorised access using stolen credentials — likely account suspension and forensic review.
• Malicious code or ransomware on council systems — isolation and remediation, possible referral to national authorities.
• Data exfiltration from a council database — notification, breach assessment, and possible legal action.

Applications & Forms

There is no separate public "security breach fine" form listed; the council accepts incident reports through its online reporting/service request channels and dedicated ICT processes as set out on the council site.^[1]

How to

Immediate actions to take when you discover a suspected council system breach are listed in order below; preserving evidence and using official reporting channels improves response and potential legal outcomes.

1. Contain: disconnect affected devices from the network if safe and authorised.
2. Document: record times, actions, log files, screenshots and any communications related to the incident.
3. Report to Wellington City Council via the official incident/reporting page or contact point immediately.^[1]
4. If the incident appears criminal or widespread, also report to CERT NZ using their online reporting tool.^[2]
5. Preserve evidence: do not alter logs or devices further and follow any retention instructions from the council or investigators.

FAQ

Who should I contact first about a suspected council system breach?

Contact Wellington City Council via its incident/reporting page first; if you suspect criminal activity, also report to CERT NZ and Police.

Will I be fined for reporting an incident?

Reporting a breach is not a basis for a fine; published fine amounts for council system breaches are not specified on the council reporting page.

Can I report anonymously?

The council reporting form may allow limited anonymity, but providing contact details improves follow-up and investigation; check the council page for options.

How-To

1. Gather basic incident details: date/time, affected systems, user accounts, and observable symptoms.
2. Secure evidence: take screenshots and preserve logs without modifying original files.
3. Use the Wellington City Council incident/reporting page to submit the report and follow any immediate instructions provided.^[1]
4. If criminal activity is suspected or data exfiltration is confirmed, file a report with CERT NZ online.^[2]
5. Follow up with the council and, if applicable, legal or compliance contacts named in your contract.

Key Takeaways

• Report quickly to reduce harm and preserve forensic evidence.
• Use Wellington City Council official reporting channels and CERT NZ when appropriate.

Help and Support / Resources

• Wellington City Council - Report a problem or service request
• Wellington City Council - By-laws and compliance information
• CERT NZ - Report an incident