Cygilant, formerly known as EIQ Networks, concentrates on information security and compliance, according to Wikipedia.
It was initially offering analysis of log files across network devices but then moved into security information and event management.
Contacted for comment, chief financial officer Christina Lattuca said: "We're aware of a ransomware attack impacting a portion of Cygilant's technology environment. Our Cyber Defence and Response Centre team took immediate and decisive action to stop the progression of the attack.
Brett Callow, a ransomware researcher at security firm Emsisoft, said data theft was now a component in more than 1 in 10 ransomware incidents.
"Or, put another way, more than 1 in 10 ransomware incidents are data breaches that are a risk not only to the target company, but also its customers and business partners," said Callow whose employer is based in New Zealand.
"It seems that exfiltration is an effective strategy with a number of companies having paid purely to prevent data being published or misused. And, of course, because it's effective, it's likely to become even more commonplace."
This year, NetWalker has been involved in six incidents that were deemed worthy of being reported.
These included attacks on Australian workforce design and delivery firm Tandem Corp, and Jands, an Australian company that distributes some leading audio, lighting and staging brands for installation, production and retail industries throughout Australia and New Zealand.
Another attack of note was on Forsee Power, a company that designs and manufactures smart lithium-ion battery systems for electro-mobility markets, with a fourth being on Trinity Metro, a regional transportation authority of the state of Texas.
Prior to that the University of California in San Francisco admitted it paid US$1.14 million to a gang that used NetWalker to attack its systems. A sixth case was that of Australian customer experience firm Stellar, that also operates across Asia, North America and Africa.