Umbrella company Parasol confirms data breach linked to cyber attack five weeks ago

Umbrella company Parasol has confirmed that it is investigating details of a data breach that has come to light in the wake of a suspected ransomware attack on its systems last month.

Parasol, which is known to have at least 13,000 contractors on its books, sent out an email earlier today – signed by its CEO, Doug Crawford – in which it confirmed that its IT security team had discovered that “some data” had been copied and leaked online since the attack on its systems.

The data in question is referred to as belonging to Parasol’s parent company, Optionis, which also owns several contractor-focused accountancy firms, including SJD Accountancy and Nixon Williams. Collectively, these entities are known to provide services to about 28,000 contractors.

“Our security team has now detected that some data belonging to Optionis was copied from our system and we believe that some of that has been leaked online,” said the company in an email seen by Computer Weekly.

“At this stage, we have not been able to ascertain the precise nature of the information. However, we are investigating this as an absolute priority.”

The email further stated that the “police and relevant authorities” have been notified about the events, and the company separately confirmed to Computer Weekly that it has made Action Fraud and the Information Commissioner’s Office aware of the situation.

In its email, Parasol said that if it comes to pass that personal information belonging to its employees and contractors has been leaked during the breach, they will be notified immediately.

“We felt that it was important to let you know about this development and we can assure you that we will inform you as a matter of urgency should we uncover that personal data, which is likely to result in a high risk to you, has been leaked,” the email added.

The data breach disclosure comes five weeks after the attack on Parasol’s systems, which was initially attributed to an unspecific systems outage before the company confirmed on Sunday 16 January that “malicious activity” had been detected on its networks.

The attack prompted the company to proactively disable several of its external and back-office systems in the days following the attack, which is known to have resulted in thousands of contractors across the UK experiencing disruption to their payday cycles.

As reported by Computer Weekly on 3 February 2022, some of the affected contractors have been left out of pocket by the attacks to the tune of thousands of pounds.

Computer Weekly contacted Optionis for further details of the breach, and received the following statement in response: “We can confirm that we recently suffered a cyber security incident. With the help of external cyber security experts, we have been conducting an urgent investigation and we now believe that those responsible have released some information online that was extracted from our systems.

“We are investigating the precise nature of this information as a priority and are communicating with those who may have been impacted. We would like to thank our partners, clients and employees for their ongoing patience and support as we continue to respond to this incident.”