But in the same statement, Anglicare claimed there was no evidence that data had been stolen.
The attack, which took place on 31 August, was made public by Anglicare Sydney on 2 September.
None of the ransomware sites that regularly carry out attacks of this nature have as yet listed Anglicare Sydney on their websites.
Anglicare Sydney said only its systems had been affected and not those of the government. It also emphasised that the attack was only on the Sydney unit.
The statement, on Saturday, said the organisation had an incident response plan in place to tackle this kind of situation, involving off-site back-ups and a refusal to engage with cyber-criminals.
"Once the cyber attack was detected, Anglicare Sydney immediately embarked on remediation and investigation including the engagement of cyber security experts. A formal forensic investigation by third parties is still ongoing," the organisation said.
Contacted for comment, a NSW Government spokesperson said: "Department of Communities and Justice cyber security staff were quick to act on potential threats posed by the Anglicare cyber-attack. DCJ took immediate protective action to ensure the cyber breach did not impact their systems.
"At this point Cyber Security NSW is not aware of any impacts on NSW Government systems or services from the Anglicare cyber-attack.
"Cyber Security NSW, together with DCJ, is working closely with Anglicare to assist with their investigation and response to the incident, including engaging with NSW Police."