SD Worx Halts Operations After Cyberattack

SD Worx halts operations after cyberattack. And the company has stated that it is not a ransomware attack.

SD Worx Cyberattack

SD Worx Cyberattack

Payroll and HR software powerhouse, SD Worx last week suffered a cyberattack thus forcing the company in the process to shut down some of its IT systems.

The company in a notification issued out to potentially affected customers said that it sighted malicious behavior in its endpoints and networks, so it had to cease operations of its systems for Ireland and UK customers in order to isolate the threat in question.

SD Worx Sent Out a Notification to Potential Affected Customers

“Our security team discovered malicious activities in our hosted data center last night,” the notification states. “We have taken immediate action and have preventively isolated all systems and servers to mitigate any further impact. As a result, there is currently no access to our systems, which we deeply regret of course.”

And as of today, the login portal for both UK and Ireland customers is still offline, but other portals are reportedly working fine.

“SD Worx emphasizes that it applies extremely stringent organizational and technical security measures to secure the privacy and data of its customers at all times. It goes without saying that we are handling this with the highest priority and that we are working very hard on a solution to give you access to our systems again. We will keep you informed about the further status,” the notification concluded.

What It Means When a Company Shuts Down Its IT Systems

Usually, when a company shuts down its IT systems after a reported cyberattack, it simply means that it has fallen victim to a ransomware attack and then lost sensitive files in the process. SD Worx however confirmed that this was not a ransomware attack on BleepingComputer and that there is no evidence of any data stolen so far.

“We are further investigating this case and can confirm that this is not a ransomware attack. Also, at this time there is no evidence to assume that any data has been compromised.  The reason why we have pre-emptively isolated our systems is to mitigate any further impact and adequately assess the threat.”

The Impact of the Attack

SD Worx has over 80,000 clients, its website reports, servicing over five million employees. And being an HR and payroll management company, it gets to handle much sensitive information such as tax data, ID numbers, bank account numbers, phone numbers, and many more. And if this turns out to be a grand theft data, hackers then could get their hands on some really key pieces of information.



Please enter your comment!
Please enter your name here