Halfway into September, in the 22nd, this year the Giant Group suffered a cyber-attack that forced them to shut down their portal.
The Giant Group is a web-based umbrella company in the UK. It provides specialist workforce management software, their cloud-based software offers help ranging from “talent acquisition and onboarding through to timesheet management, billing and payroll.” They also offer support services from candidate screening to legislative risk management.
In the middle of the third week of September, Giant Group’s contractors were faced with problems to access the portals of the Giant Group. This was due to a claimed “sophisticated cyber-attack” of which they did not share more information about, however many speculate it was due to ransomware.
However the frustration of most customers was due to the lack of communication, the Giant Group did address this concern in the same week in a LinkedIn update post, “We appreciate the situation has been concerning and frustrating.” Later they stated, “We know everyone is frustrated about the lack of communication”
But it was not enough clarity for all the affected, in an interview with Computer Weekly a contractor expressed their feeling of concern and the reason “They have on file my passport, driving licence, bank account details, because that’s all information you need to hand over to them as your employer. It’s an absolute treasure trove of information for a hacker.” Another contractor also showed their worries with Contractor UK, “Then no communication or indication of when I will be paid. My agency has also been chasing as they sent the money through in the first week of September. Coming up to month-end, so there will be financial implications for me.”
Despite the justified concern of those contractors the Giant Group said, in a last update since, “We can confirm that our databases are encrypted.” This affirmation might not be totally satisfactory to sane the worries of many as it does not directly address the issue, it also does not give much information about the problem or how people should proceed to make sure their data is safe.
In this last update made in the Giant Pay LinkedIn account, they shared some more information about their system and payment. They assured the means of contacting them via portals, live chats, and the phone line would be available on the 29th and also warned that some might had experienced “teething problems with the portal at first”, they also confirmed they were on track to make all the payments until Friday, also on the 29th.
This incident was very disrupting for many people, but it also gave us the opportunity to look at how we take care of our data and how we treat cyber-security. We can take advantage of the Cyber Security Awareness Month this October to learn more about protecting ourselves.
Here at Cyber Alarm we aim to protect you and your business’s data against online threats. We have tools to monitor your online services and alert you if they are vulnerable to ransomware attacked (amongst other types of attack). Also, we monitor your data and tell you when that data has been stolen and is available in places like the dark web. We cannot promise that we would have stopped this attack on Giant, but we certainly would have reduced the chances and would give your clients far more confidence that their data is safe.
Other tools include a digital footprint assessment, online ID theft protection, and many others. If you are interested, you can get in contact to know more or even try our free no commitment and no setup plan at www.cyberalarm.org.