1. Forum
  2. tqwNet
  3. TQW_GENTECH

  • SD Worx forced to pause operations following cyberattack

    From TechnologyDaily@1337:1/100 to All on Tue Apr 11 10:45:03 2023
    SD Worx forced to pause operations following cyberattack

    Date:
    Tue, 11 Apr 2023 09:34:01 +0000

    Description:
    It's not a ransomware attack, the company confirms, adding that there's no evidence of data exfiltration.

    FULL STORY ======================================================================

    HR software and payroll powerhouse SD Worx suffered a cyberattack last week, forcing it to shut down some of its IT systems.

    In a notification issued to potentially affected customers, SD Worx said it spotted malicious behavior in its networks and endpoints , so in order to isolate the threat, ceased operation of its systems for UK and Ireland customers.

    "Our security team discovered malicious activities in our hosted data center last night, the notification reads. We have taken immediate action and have preventively isolated all systems and servers to mitigate any further impact. As a result, there is currently no access to our systems, which we deeply regret of course. Not a ransomware attack

    As of today, the login portal for UK and Ireland customers is still offline, but other portals are working.

    "SD Worx emphasizes that it applies extremely stringent organizational and technical security measures to secure the privacy and data of its customers
    at all times. It goes without saying that we are handling this with the highest priority and that we are working very hard on a solution to give you access to our systems again. We will keep you informed about the further status, the notification concluded."

    When a company shuts down its IT systems after a cyberattack, it usually
    means it fell victim to a ransomware attack and lost sensitive files.
    However, SD Worx confirmed to BleepingComputer that this wasnt a ransomware attack and that so far, theres no evidence of any data being taken. Read more

    Clop ransomware may have infected even more victims than previously thought


    Saks Fifth Avenue becomes latest Clop ransomware victim


    Check out the best malware protection right now

    "We are further investigating this case and can confirm that this is not a ransomware attack. Also, at this time there is no evidence to assume that any data has been compromised. The reason why we have pre-emptively isolated our systems is to mitigate any further impact and adequately assess the threat."

    SD Works has more than 80,000 clients, its website claims, servicing more
    than five million employees. Being an HR and payroll management firm, it handles plenty of sensitive information such as tax data, ID numbers, bank account numbers, phone numbers, and more. If this indeed turns out to be
    grand theft data, hackers could get their hands on some important
    information. These are the best firewalls right now

    Via: BleepingComputer



    ======================================================================
    Link to news story: https://www.techradar.com/news/sd-worx-forced-to-pause-operations-following-cy berattack


    --- Mystic BBS v1.12 A47 (Linux/64)
    * Origin: tqwNet Technology News (1337:1/100)