Leading payroll company PrismHR is suffering a massive outage after a cyberattack on Sunday, suspected of being a ransomware attack.
PrismHR is an online payroll, benefits, and human resources platform used by Professional Employer Organisations servicing over 80,000 organisations with two million employees and total annual payrolls of over $80 billion.
The company suffered a “suspicious activity” activity over the weekend and immediately shut down their servers and network to protect the “integrity of their systems.” They are now restoring their systems from backups located on disaster recovery systems and have stated customers have not had their data stolen during the attack.
Most enterprise-targeting ransomware attacks occur over the weekend while employees are not present, computers are not being used, and there is less attention paid to the network.
This decrease in monitoring allows threat actors who have been lurking quietly on the network to begin the process of noisily deploying the ransomware to encrypt systems. Unfortunately, before encrypting devices, most ransomware gangs steal unencrypted data to be used in double-extortion attacks.
If this turns out to be a ransomware attack, the nature of PrismHR’s business could make this disastrous. Considering that the PrismHR handles the payroll, benefits, and human resources for thousands of organizations, they would also have very sensitive information stored in their systems.
This data may include social security numbers, payroll, ID cards, employee benefit information, information for beneficiaries, and a wide assortment of other sensitive information.
With thanks to the Cyber Defence Alliance and BleepingComputer. The full story is here: https://www.bleepingcomputer.com/news/security/payroll-giant-prismhr-outage-likely-caused-by-ransomware-attack/
Find out how The Identity Organisation can help you remotely onboard Employees, Avoid Fraud and Keep Data Secure with AcuantGo
PS: Don’t like to click on redirected buttons? Cut & Paste this link in your browser: https://mailchi.mp/8b5c8353e419/acuantgo-rfi