The practice was attacked by ransomware – a type of malicious software – which remotely accessed a computer at its London office earlier this month.
ZHA alerted police on Tuesday (21 April) after finding messages left on its server saying internal company data had been encrypted and would only be released if it negotiated a ransom settlement with the hacker.
ZHA declined to communicate with the hacker and has enlisted a cyber-forensics team to investigate the data breach.
While the encryption of some server information is not a serious problem, as the data was backed up, it is unknown how much information has been stolen.
A now-deleted tweet from an anonymous account on Thursday included screenshots of hacked payroll and cash book information.
However, the architect believes no project data has been stolen or interfered with and says, as a result, it believes the hack was not specifically targeted at the practice.
Although staff were locked out of the server for a period and were forced to change passwords, the company claims the attack has not seriously affected the firm’s work.
It is understood clients have not yet been made aware of the security breach, as the company could not yet guarantee its communications system was secure.
We strongly advise the architectural community to be extremely cautious
A spokesperson for ZHA said: ‘With all our 348 London-based staff working from home during this pandemic and cyber criminals poised to exploit the situation, we strongly advise the architectural community to be extremely cautious.
‘Data protection and privacy is extremely important to us and this is why we regretfully have to announce that on 21 April we experienced a security breach and theft of data in a ransomware attack.
‘We immediately worked to secure our network and reported the incident to the authorities. With minimal disruption to the work of our teams, we continue to investigate any criminal theft of data with cyber specialists.’