unknown attacks SD Worx People Solutions SA
Incident Date:
April 10, 2023
Overview
Title
unknown attacks SD Worx People Solutions SA
Victim
SD Worx People Solutions SA
Attacker
Unknown
Location
First Reported
April 10, 2023
IT Systems Shutdown at Belgian-Based Company Following Security Breach
The Belgian-based company has notified customers that its UK and Ireland division had to close down its IT systems to contain the attack. It stated that it was not a ransomware attack, leaving open the possibility the breach came from a phishing incident: “We are further investigating this case and can confirm that this is not a ransomware attack. Also, at this time there is no evidence to assume that any data has been compromised. The reason why we have pre-emptively isolated our systems is to mitigate any further impact and adequately assess the threat.”
According to its website, SD Worx services 5.2 million employees for over 82,000 companies. Its customers in the UK include Asda, Marks & Spencer and WHSmith.
Immediate Response to Malicious Activities
On 10 April the company stated: “Our security team has discovered malicious activities in our hosted data centre last night. We have taken immediate action and have preventively isolated all systems and servers to mitigate any further impact. As a result, there is currently no access to our systems, which we deeply regret of course.”
Data Privacy Concerns
Because of the nature of the company’s work, concerns over the potential loss of data will centre on personal details such as addresses, bank accounts, birth dates, tax information, government ID numbers, addresses, full names and employee assessments.
Recent Ransomware Attacks
The Recent Ransomware Attacks (RRA) site acts as a watchtower, providing you with near real-time ransomware tracking of attacks, groups and their victims. Given threat actors’ overarching, lucrative success so far, ransomware attacks have become the most ubiquitous, and financially and informationally impactful cyber threat to businesses and organizations today.
The site’s data is generated based on hosting choices of real-world threat actors, and a handful of other trackers. While sanitization efforts have been taken, we cannot guarantee 100% accuracy of the data. Attack updates will be made as source data is reported by reputable sources. By viewing, accessing, or using RRA you acknowledge you are doing so at your own risk.