Belgian HR and payroll large SD Worx has suffered a cyberattack inflicting them to close down all IT methods for its UK and Ireland companies.
SD Worx is a European HR and payroll administration firm primarily based out of Belgium that companies 5.2 million workers for over 82,000 corporations, based on its web site.
Today, SD Worx started notifying clients that its UK and Ireland division suffered a cyberattack main them to close down IT methods to comprise the assault.
“Our security team has discovered malicious activities in our hosted data centre last night. We have taken immediate action and have preventively isolated all systems and servers to mitigate any further impact. As a result, there is currently no access to our systems, which we deeply regret of course,” reads a safety advisory to SD Worx UK and Ireland clients.
“SD Worx emphasises that it applies extremely stringent organisational and technical security measures to secure the privacy and data of its customers at all times. It goes without saying that we are handling this with the highest priority and that we are working very hard on a solution to give you access to our systems again. We will keep you informed about the further status.”
While the login portals for different European international locations are working appropriately, the corporate’s UK buyer portal just isn’t accessible.
While there isn’t any additional info as to what kind of cyberattack the corporate suffered, a buyer has instructed BleepingComputer that there’s concern that delicate knowledge was stolen through the assault.
As a full-service human sources and payroll firm, SD Worx manages a considerable amount of delicate knowledge for its consumer’s workers.
According to the corporate’s normal circumstances settlement, this knowledge could embody tax info, authorities ID numbers, addresses, full names, delivery dates, cellphone numbers, checking account numbers, worker evaluations, and extra.
Other previous assaults towards payroll and HR administration corporations have led to lawsuits for inadequately defending clients’ knowledge.
In 2021, a cyberattack towards PrismHR triggered a large buyer outage. Later that 12 months, a ransomware assault towards Kronos led to the submitting of a class motion lawsuit towards the corporate.
Update 4/10/23: SD Worx instructed BleepingComputer that they’re nonetheless investigating the incident however have confirmed it was not a ransomware assault.
“We are further investigating this case and can confirm that this is not a ransomware attack. Also, at this time there is no evidence to assume that any data has been compromised. The reason why we have pre-emptively isolated our systems is to mitigate any further impact and adequately assess the threat.” – SD Worx.