HR and payroll giant SD Worx has experienced a cyberattack leading it to shut down all IT systems for its UK and Ireland services.
The Belgian-based company has notified customers that its UK and Ireland division had to close down its IT systems to contain the attack.
It stated that it was not a ransomware attack, leaving open the possibility the breach came from a phishing incident: “We are further investigating this case and can confirm that this is not a ransomware attack. Also, at this time there is no evidence to assume that any data has been compromised. The reason why we have pre-emptively isolated our systems is to mitigate any further impact and adequately assess the threat.”
According to its website, SD Worx services 5.2 million employees for over 82,000 companies. Its customers in the UK include Asda, Marks & Spencer and WH Smith.
On 10 April the company stated: “Our security team has discovered malicious activities in our hosted data centre last night. We have taken immediate action and have preventively isolated all systems and servers to mitigate any further impact. As a result, there is currently no access to our systems, which we deeply regret of course.”
Because of the nature of the company’s work, concerns over the potential loss of data will centre on personal details such as addresses, bank accounts, birth dates, tax information, government ID numbers, addresses, full names and employee assessments.
In 2021, a cyberattack against PrismHR caused a major customer outage. Later that year, a ransomware attack against Kronos led to the filing of a class action lawsuit against the company. Clients who partner with firms such as Prism, Kronos and SD Worx are not thought to be exposed if they host the companies’ software on their own platforms rather than through cloud-based systems.
The Post Office, WH Smith and the Guardian newspaper are among organisations that have experienced cyberattacks, via ransomware or phishing, in recent months.
We are living in an era where cyberattacks are not necessarily aimed at wreaking havoc or taking down infrastructure” – Terry Greer-King, SonicWall
In late 2022 Britain’s data watchdog, the Information Commissioner’s Office, fined construction group Interserve £4.4m after a cyberattack that enabled hackers to steal the personal and financial information of up to 113,000 employees.
Data from SonicWall has found that the UK is the second most cyber-attacked country in the world, after the US and before Spain. In 2022, UK ransomware soared by 112% and Europe ransomware increased by 70%. Globally, malware increased 2% last year after three years of decline.
SonicWall reported that phishing, the fraudulent use of emails to induce individuals to reveal personal information, declined as Covid receded, and was focused more now on financial and mortgage markets.
For SonicWall vice president of EMEA, Terry Greer-King, the SD Worx attack underlined that “we are living in an era where cyberattacks are not necessarily aimed at wreaking havoc or taking down infrastructure. The hackers carrying out these attacks ensure seamless execution and are determined to succeed. Although the attackers can exploit technological loopholes, employees’ cybersecurity hygiene training must be the first line of defence.”
Latest HR job opportunities on Personnel Today
Browse more human resources jobs
For all the latest Technology News Click Here
For the latest news and updates, follow us on Google News.
