Contents:
Belgian company SD Worx shut down all IT systems for its UK and Ireland services after suffering a cyberattack. The European HR and payroll management company services 5.2 million employees for over 82,000 companies.
The company started notifying customers that its UK and Ireland division suffered a cyberattack leading them to shut down IT systems in order to contain the threat.
Immediate Actions Taken
In a security advisory sent by the company to its UK and Ireland customers, SD Worx announced that its team discovered malicious activities in its hosted data center. To prevent and mitigate any further impact the company took immediate action and isolated all its systems and servers. As a result, customers no longer have access to SD Worx’s systems.
SD Worx emphasises that it applies extremely stringent organisational and technical security measures to secure the privacy and data of its customers at all times. It goes without saying that we are handling this with the highest priority and that we are working very hard on a solution to give you access to our systems again. We will keep you informed about the further status.
SD Worx to its Customers (Source)
Except for the company’s UK customer portal, the login portals for other European countries are working correctly.
UK SD Worx Customer Portal (Source)
Customers State Their Concerns
Currently, there are no information as to what type of cyberattack the company suffered from, however, a customer told BleepingComputer that there is concern that sensitive data was stolen as a result of the attack.
Being a full-service HR and payroll company, SD Worx manages a large amount of sensitive data for its client’s employees. As per the company’s general conditions agreement, this data may include tax information, government ID numbers, addresses, full names, birth dates, phone numbers, bank account numbers, employee evaluations, and more.
SD Worx Investigates the Incident
BleepingComputer reached out to SD Worx to obtain a statement on the current situation. The Belgian company declared that they’re still investigating the incident, but currently, there is no evidence to assume that any data has been compromised. SD Worx pre-emptively isolated its systems to mitigate any further impact and assess the threat adequately.
Even if the investigations are still undergoing, the company could confirm that the cyberattack is not a ransomware attack.
If you liked this article, follow us on LinkedIn, Twitter, Facebook, and Youtube, for more cybersecurity news and topics.