The Department of Conservation's search and rescue base at Aoraki/Mount Cook has been hit by a ransomware attack.
DOC deputy director-general corporate services Rachel Bruce said 11 people may have had their privacy breached and it was in the process of contacting them.
The attack happened a month ago and information about staff at the base, as well as people helped through DOC operations, may have been accessed by the hackers.
Bruce said the base was on a standalone IT network, so there had been no wider impact to DOC's IT systems.
The search and rescue team were able to activate contingency plans and within four days they had replacement devices.
"We took immediate action once we became aware of the attack," Bruce said.
"All five devices on the standalone network were immediately isolated and sent to third-party forensic analysis specialists to determine what data had been compromised."
DOC is awaiting results from the forensic analysis and a review of documents to determine the privacy impact.
"We have identified 11 of the 92 operations where the information included in the breach is likely to include sensitive information about the individuals involved and therefore notification will be required under the Privacy Act 2020," Bruce said.
"Some of these individuals were tourists and likely reside overseas."
DOC is working with the Privacy Commissioner, the police and the rescue coordination centre as part of its response to the cyber attack.