Vector is taking legal action against Stuff Limited after it claimed the media company refused to return or destroy information it received following a data breach at Vector.
The electricity and gas company has applied to the High Court for an injunction to prevent further use of the data, however Stuff editorial director Mark Stevens said it had already been destroyed.
On April 26, an unknown hacker managed to access the personal information of up to 24,000 Vector customers through its Vector Outage App - information which was then passed on to Stuff.
The information included customer names, phone numbers, email and postal addresses but not financial information, Vector said.
Stuff published an article about the issue that day, and allegedly approached at least one customer who had been affected by the breach.
Vector said it had asked Stuff several times to return or destroy the information but this had been repeatedly refused.
According to Stevens however the data had been held only until news on the story was finished, at which point the file, received through a secure server, was destroyed.
"We did not agree to demands from Vector to return material to them because that could obviously risk identifying our source," Stevens said.
"We not only had the protection of the customer data to consider, but also the protection of our source," he said.
"We have, at all times, treated this information responsibly. Its circulation was limited to staff who needed to see it for news gathering purposes.
"We have not 'exploited' the information - and we do not sell or otherwise share confidential information we obtain during reporting".
Vector said it had taken all steps to reduce the effect of the breach on its customers including contacting those affected and addressing the security issue.
"We fully accept Stuff had a valid right to report on the original data breach," it said.
"We have made it clear to Stuff that we were not seeking to prevent their reporting on the matter and we have not asked them at any time to disclose their information source.
"However, we do not believe Stuff should have compounded this matter by exploiting the customer data when reporting on it."
Vector said it was aware the move would attract more media attention for the data breach but said it considered taking the steps necessary to protect its customers' information was more important.