Les Mills International

What: Managed IT Support, Information Security Consulting

When: 2009 - Ongoing

Client gives us their blessing to take the team phishing

The back story

New Zealand-born Les Mills International is the world's largest creator of choreographed fitness programmes. LMI provides over 18,000 gyms in 105 countries with live classes, virtual programming, club education and support. LMI has been a valued of client of Origin's since 2009 for managed IT support and since 2015 for managed security support.

Business challenge

LMI has a large number of end users and a highly complex technology eco-system. We had just begun working with the IT department on improving the company's information security. We asked LMI's leadership if they would be prepared to submit the team at HQ in Auckland to a fake phishing attack to raise awareness of within the organisation and reinforce the education programme the team were underway with.


We invited LMI's Head of Global IT, Steve James, to take part in a fake phishing attack to raise the team's awareness of cyber threats, test their defenses and highlight any gaps they had in their education program. What was especially good of him is that he agreed to the experiment being videoed.

Only Steve and a few of his colleagues on the senior leadership team knew that the attack was going to take place.



The results are a great indication of how LMI would have fared at that time in a real attack. Global Head of IT, Steve James said he felt reassured that, whilst the team didn't receive a perfect score (six people provided their details to the fake phisher), they were making great progress towards creating a culture of security awareness among employees. The experiment was used in reporting to the Board to demonstrate that the organisation was doing everything it could to keep information secure.