Get all your news in one place.
100’s of premium titles.
One app.
Start reading
TechRadar
TechRadar
Sead Fadilpašić

SD Worx forced to pause operations following cyberattack

Ransomware

HR software and payroll powerhouse SD Worx suffered a cyberattack last week, forcing it to shut down some of its IT systems.

In a notification issued to potentially affected customers, SD Worx said it spotted malicious behavior in its networks and endpoints, so in order to isolate the threat, ceased operation of its systems for UK and Ireland customers.

"Our security team discovered malicious activities in our hosted data center last night,” the notification reads. “We have taken immediate action and have preventively isolated all systems and servers to mitigate any further impact. As a result, there is currently no access to our systems, which we deeply regret of course.”

Not a ransomware attack

As of today, the login portal for UK and Ireland customers is still offline, but other portals are working. 

"SD Worx emphasizes that it applies extremely stringent organizational and technical security measures to secure the privacy and data of its customers at all times. It goes without saying that we are handling this with the highest priority and that we are working very hard on a solution to give you access to our systems again. We will keep you informed about the further status,” the notification concluded."

When a company shuts down its IT systems after a cyberattack, it usually means it fell victim to a ransomware attack and lost sensitive files. However, SD Worx confirmed to BleepingComputer that this wasn’t a ransomware attack and that so far, there’s no evidence of any data being taken.

"We are further investigating this case and can confirm that this is not a ransomware attack. Also, at this time there is no evidence to assume that any data has been compromised.  The reason why we have pre-emptively isolated our systems is to mitigate any further impact and adequately assess the threat."

SD Works has more than 80,000 clients, its website claims, servicing more than five million employees. Being an HR and payroll management firm, it handles plenty of sensitive information such as tax data, ID numbers, bank account numbers, phone numbers, and more. If this indeed turns out to be grand theft data, hackers could get their hands on some important information.

Via: BleepingComputer

Sign up to read this article
Read news from 100’s of titles, curated specifically for you.
Already a member? Sign in here
Related Stories
Top stories on inkl right now
One subscription that gives you access to news from hundreds of sites
Already a member? Sign in here
Our Picks
Fourteen days free
Download the app
One app. One membership.
100+ trusted global sources.