• Wed. Nov 23rd, 2022

British entrepreneur’s sister companies confirm cyberattack • The Register

ByDeborah C. Lowery

Jan 18, 2022

SJD Accounting and Nixon-Williams – the two contractor-focused bean counting businesses owned by the same parent company as UK umbrella company Parasol hit by a cyberattack – have been hit by online attackers.

The three companies are all nested under the British parent company Optionis group, which describes itself as a “family” of “award-winning tax, umbrella and accounting solutions” for entrepreneurs. We asked Optionis Group whether its other brands, which include contractor accounting organization ClearSky and tax refund specialist Brian Alfred, are also affected.

Companies share a company director to Doug CrawfordCEO of Parasol, who is also CEO of SJD and the global parent Optionis.

Sources got in touch last night to say The Reg that the accounting firm disclosed a ‘cybersecurity incident’ to clients via email yesterday, after making vague references to a ‘system outage’ last week.

SJD told its customers yesterday:

Users speculated – once again – that ransomware was behind the attacks, and the statement – ​​seen by El Reg after being sent to customers last night – refers to the intervention of external specialists as well as the extent of the disruption.

Nixon Williams released a almost identical statement on his site this morning.

SJD and Nixon Williams’ sister company, the umbrella company known as the Parasol Group, confirmed late Friday that a cyberattack was at the heart of the prolonged outage of its own network, which our sources say began on May 12. January, impacting payroll processing.

SJD was already hinting at the issues on Twitter last week, calling them a “system crash” that it was trying to “fix”:

SJD Accounting says The Reg in a statement on the cybersecurity incident: “Our security partner and internal team identified the malicious activity very quickly and we are conducting a thorough forensic exercise on this incident. We are working with a team of IT experts to ensure we return to normal operations as soon as possible and we have notified the relevant authorities.”

Customers took to Twitter, as usual these days, to complain about the effects of the attack.

SJD was created by a British notable anti-vaccine activist Simon Dolan in 1997 and the Optionis group bought it in September 2014 for a reported £67m.

As for the parent company Optionis Ltd, its accounts created until October 31, 2020 [PDF]filed in July 2021, revealed its companies providing umbrella outsourcing services accounted for £402.8 million of the group’s total annual revenue of £435.8 million.

Ian Thornton-Trump, CISO of infosec company Cyjax, said The register the communications were reminiscent of those seen during a ransomware attack: “It’s a classic UK SME ransomware experience. It happens and the appearance of ‘maintenance’ turns into ‘investigation’ which turns into ‘security incident’.

“What is needed is a clear explanation and a plan for when normal business operations can be restored.” ®

Source link