Is it just Parasol customers who have had their data exposed in the UK contractor cyberattack?

Parasol is owned by Optionis Group. Other companies in this Group include Clearsky Business, Clearsky Contractor Accounting, SJD Accountancy, First Freelance, Optionis Accountancy and Nixon Williams. These businesses provide services to around 28,000 contractors.

Over the last few days, we have been contacted by contractors who use these businesses, concerned that their data could be at risk. Here’s what we know so far:

• Nixon Williams did suffer a cyber security incident that impacted some of its key systems and caused “significant disruption” to its services. While the company is still investigating the incident, it does not believe that any personal data has been removed from its systems
• Clearsky Contractor Accounting was also impacted by the attack, and this led to system outages and service disruption. The business does not believe that its platforms were accessed, or any data removed.
• SJD Accountancy confirmed that it had also been hacked. There is no evidence that personal data has been removed from its system

Contractor payroll service provider Brookson Group was also targeted in the same “aggressive attack”. However, Brookson claims that “our network defences spotted and contained the attack immediately and this allowed us to contain the impact and take the necessary preventative measures to ensure no data was removed.”

We seek clarification on the wording used by Brookson and the Optionis Group subsidiaries. Just because personal information was not removed, this does not mean that it was not accessed and compromised. So, it’s not yet clear whether customers of these businesses suffered a data breach.

We continue to watch developments with interest and will keep you updated as and when we learn more.