fbpx

Is it just Parasol customers who have had their data exposed in the UK contractor cyberattack?

case study
Facebook
Twitter
LinkedIn

Our Data Breach lawyers are investigating a data breach that occurred at Parasol Group following a cyberattack. The privacy violation, believed to be a ransomware hack, resulted in the exfiltration of some very sensitive contractor information. Our cyber investigators have discovered almost 6,000 pages of information that we believe comes from Parasol on the dark web. 

What do we know about the Parasol data breach?

Parasol is owned by Optionis Group. Other companies in this Group include Clearsky Business, Clearsky Contractor Accounting, SJD Accountancy, First Freelance, Optionis Accountancy and Nixon Williams. These businesses provide services to around 28,000 contractors.

Over the last few days, we have been contacted by contractors who use these businesses, concerned that their data could be at risk. Here’s what we know so far:

  • Nixon Williams did suffer a cyber security incident that impacted some of its key systems and caused “significant disruption” to its services. While the company is still investigating the incident, it does not believe that any personal data has been removed from its systems
  • Clearsky Contractor Accounting was also impacted by the attack, and this led to system outages and service disruption. The business does not believe that its platforms were accessed, or any data removed.
  • SJD Accountancy confirmed that it had also been hacked. There is no evidence that personal data has been removed from its system

Contractor payroll service provider Brookson Group was also targeted in the same “aggressive attack”. However, Brookson claims that “our network defences spotted and contained the attack immediately and this allowed us to contain the impact and take the necessary preventative measures to ensure no data was removed.”

We seek clarification on the wording used by Brookson and the Optionis Group subsidiaries. Just because personal information was not removed, this does not mean that it was not accessed and compromised. So, it’s not yet clear whether customers of these businesses suffered a data breach.

We continue to watch developments with interest and will keep you updated as and when we learn more.

Contact us if you are concerned that your information has been leaked on the dark web

We have launched a no-win, no-fee group action compensation claim to help those affected by this breach. If you register with us, one of the first things we will do is ascertain whether your data has been breached, and whether it is amongst the documents we have found on the dark web.

In March 2024, our firm changed its name to KP Law. 

Share this article: