Experts Reaction On PrismHR Hit By Ransomware Attack

By   ISBuzz Team
Writer , Information Security Buzz | Mar 04, 2021 05:36 am PST

It has been reported that the leading payroll company PrismHR is suffering a massive outage after suffering a cyberattack this weekend that looks like a ransomware attack from conversations with customers. PrismHR is an online payroll, benefits, and human resources platform serving over 80,000 organizations with 2 million employees and total annual payrolls of over $80 billion.

Notify of
3 Expert Comments
Oldest Most Voted
Inline Feedbacks
View all comments
Natalie Page
Natalie Page , Cyber Threat Intelligence Analyst
March 4, 2021 1:40 pm

<p>Due to the nature of this organisation, PrismHR makes for an extremely valuable target to an adversary looking to extract sensitive information across a large number of companies in one singular attack. The successful exfiltration of this information has the potential to provide a huge return to an attacker looking to financially gain via the sale of this data.</p> <p><br />While currently information regarding this attack is quite vague, it is extremely concerning that the infiltration has the potential to impact up to 200 small to medium sized businesses. Unfortunately, organisations of this size after often less prepared for an incident like this one, with budgeting usually less prioritised for a potential cyber-attack.</p>

Last edited 2 years ago by Natalie Page
Lewis Jones
Lewis Jones , Threat Intelligence Analyst
March 4, 2021 1:38 pm

<p>Companies such as PrismHR hold a vast amount of sensitive data so it’s no surprise they are targeted by ransomware operators. The disruption to payroll services will have a massive impact on clients and its workers which will no doubt cause a lack of future confidence in PrismHR. Ransomware renders any files it touches unreadable unless, and until, a victim pays for a digital key needed to unlock the encryption on them.</p> <p> </p> <p>Whilst PrismHR have stated that findings from the initial investigation have found that no sensitive data was leaked, given the volume and sensitive nature of the data PrismHR manages on behalf of their clients, it’s no doubt those clients and their customers will be concerned. As seen with other ransomware attacks whilst the ransom can be paid businesses have no guarantee that the data will be deleted and won’t be published in the future.</p>

Last edited 2 years ago by Lewis Jones
Stephen Kapp
Stephen Kapp , CTO and Founder
March 4, 2021 1:37 pm

<p>Until PrismHR confirms the exact cause of the outage, the industry can only speculate on what they believe is going on behind the scenes. However, if this does turn out to be related to ransomware the ramifications will be very serious. An attack like this will not only impact PrismHR but also its customers who will need access to systems in order to pay employees. If PrismHR does not have the correct security tools installed and a proper backup system in place this could prove extremely difficult. PrismHR, therefore, might find itself in a position where it has no choice but to pay the attackers, although this is not always recommended as this can further fuel future attacks.</p>

Last edited 2 years ago by Stephen Kapp

Recent Posts

Would love your thoughts, please comment.x