PrismHR, a payroll company, suffered what could have been a ransomware attack over the weekend that left a massive outage, according to a Tuesday (March 2) report from BleepingComputer.
PrismHR works as an online payroll, benefits and human resources platform used by professional employer organizations (PEOs), which use it to provide services to clients including small to medium-sized businesses (SMBs).
The cyberattack occurred Sunday (Feb. 28) and caused numerous PEOs to lose access to their PrismHR customer portals.
While PrismHR hasn’t identified the attack as ransomware, details provided to BleepingComputer seem to indicate it. The attack occurred over the weekend while the office was empty, which would mean less monitoring for attacks. That could also mean sensitive payroll, benefits and HR data was stolen — though nothing has been confirmed yet, and PrismHR said there was no data breach.
“We’re working on getting the system back online,” a system message read, according to BleepingComputer. “The system you are attempting to access is currently unavailable. We’re sorry for the inconvenience and appreciate your continued patience as we work to restore the system to operation as quickly as possible.”
PrismHR also provided email templates that said it was “currently experiencing an interruption of service impacting over 200 PEOs across the United States.”
Emails said that payrolls wouldn’t be affected and that administrative fees would be waived for the current payroll period because of the outage — although the emails don’t indicate an attack occurred, BleepingComputer says. PEO clients were reportedly told by PrismHR that there had been suspicious activity over the weekend and that the servers were shut down to protect the integrity of the system.
According to the BleepingComputer report, PrismHR is reportedly restoring their systems from backups on disaster recovery systems.
Cyberattacks have been on the rise during the entire pandemic, with the Securities and Exchange Commission (SEC) putting forward a statement that corporate America needs to be more proactive with cybersecurity.
SEC Chair Jay Clayton said recently that the cyberattacks had compounded with the pandemic and other uncertainties in the economy and that they were “there more than ever.”
The SEC put out 30 cyber alerts across numerous industries and business sizes along with customer warnings in October 2020. The warnings include ransomware alongside attacks on service providers and other such things.