Media company NZME has warned some details of competition entrants may have been accessed by a cyber attack on a third-party cloud server used by the company.
Initial investigations show information relating to about 76,000 people was held on the overseas cloud server.
They were primarily names, email addresses and phone numbers, and some travel information for a small group.
NZME said that when alerted to the breach by a competition partner earlier this week, access to the server was immediately locked down.
Chief executive Michael Boggs said there was no evidence any of the information hacked had been used.
It did not contain any financial information or credit card data.
Competition partners and those contest entrants in the database were being contacted.
''The priority for us is firstly security and secondly then making sure that they're not open to spam or phishing that could come from this," he said.
'We're continuing our investigations - we believe it would be an offshore person or persons involved.''
An external forensics team is working on the breach.
NZME, publisher of the New Zealand Herald and other newspapers and websites, and owner of radio stations including Newstalk ZB and ZM, had briefed the Privacy Commission and would work to ensure all appropriate steps were taken.
"Our priority now is working with competition partners and customers to alert them to the fact and tell them what steps they can take to make sure their information stays secure,'' said Boggs.
"NZME takes privacy and data security very seriously, and we're doing everything we can to determine the details and extent of the security breach and to protect against future threats," he said.
Chief executives responding to the Herald's Mood of the Boardroom identified cyber security as one of their main concerns.
"This highlights these threats are ever-present and we have to constantly evolve and keep on top of them to protect the customers," Boggs said.