SJD Accountancy and Nixon Williams confirm hacking

SJD Accountancy and Nixon Williams have finally confirmed that their businesses have been hacked too.

The two accountancy firms joins its sister company Parasol, and another contractor umbrella company, Brookson, in being penetrated by cyber-criminals.

But SJD and Nixon are both declining to specify when the attack took place, saying only that it was ‘recent’ in an online update for customers and in an email to ContractorUK.

All the signs, however, are that the two accountancy firms had their IT security compromised in the same cyber-attack that penetrated both Parasol and Brookson late last week.

Ransomware is suspected to be the nature of all four of the cyber-attacks, but none of the companies are willing to specify.

'No data removal doesn't necessarily mean no data compromise'

SJD, though, used similar language to separately-owned Brookson (“no data was removed”) to say yesterday that the information of its customers does not appear to have been extracted.

“There is no evidence that personal data has been removed from our system,” both SJD and Nixon said online.

Yet that doesn’t mean that the firms, or their contractor customers, can rest easy.

Founding lawyer of data law firm Gerrish Legal, Charlotte Gerrish, says: “I think just because personal data has not been removed, it does not mean it has not been compromised.”

She added in a statement to ContractorUK: “However [given the online messages] the two firms are attempting to be transparent with data subjects, and I suppose we do not know yet if either SJD or Nixon has felt it necessary to report to the ICO.

“But remember under the GDPR, Article 4, data breach means a breach of security leading to the accidental or unlawful destruction, loss, alteration, unauthorised disclosure of, or access to, personal data transmitted, stored or otherwise processed. Therefore, whether data was removed from the systems, even access to personal data is a data breach.”

'More information could be weeks' away'

SJD Accountancy & Nixon Williams said: “We will provide an update on our investigation when we have more information to share, but we have been informed by our external advisors that this could take a number of weeks.”

In their statement to ContractorUK (which is an extract from emails sent yesterday to SJD and Nixon customers), the firms’ say they first emailed affected parties on January 14th.

Sounding similarly pro-active, the online SJD/Nixon message says: “As soon as we identified the issue, we immediately took action to mitigate its impact.

“[We did this] with the support of external IT security specialists and are working round the clock to minimise disruption to our services and resume normal operations.”

'SJD's Jan 14th email didn't notify customers of an attack'

But one SJD customer says the implication of the message -- that the firm told him about the cyber-attack early on, on January 14th, just isn’t fair.

“On the 14th, SJD just said that they were experiencing ‘issues’ with their online systems, there was no mention of the cause.”

He is among the contractors who’ve emailed ContractorUK to ask the publisher to ask SJD/Nixon if they were hacked, as the pair weren’t confirming either way to their customers.

'Suspicious'

The contractor says he knew from the start of Parasol’s acknowledgement of being hacked that something was amiss with SJD too:

“I became suspicious [that SJD had been hacked] when the online accounts recording system was down for what they called ‘system maintenance,’ as this was for a number of days, in a row, in the middle of the week. And I’ve never experienced the system being down before in the two years since the accounts went online.”

He added: “Plus, having worked in IT for 30 years, I can safely say most organisations do this [maintenance] at weekends…to minimise disruption. And they usually pre-announce it.”

'Down for maintenance'

Potentially confusingly, the SJD log-in page still says “down for maintenance” even though now, the text below acknowledges hacking to be the cause of the downtime.

“To ensure the safety and integrity of your data, we have suspended our systems and you will be unable to access SJD Online,” the SJD message says.

Almost identical to Nixons,’ the message thanks customers for their “patience and support” and says “we want to help and support you” with “getting in touch” options of Live Chat, emailing, or telephoning (01253 362000 for Nixon, or 01442 353457 for SJD).

'Relentlessly'

A spokesperson for Optionis, the parent company of Parasol, SJD Accountancy and Nixon Williams said last night: “SJD Accountancy [and Nixon Williams] recently suffered a cyber security incident that impacted some of our key systems and caused significant disruption to our services

“[But] everyone [here] is continuing to work relentlessly to get things back up and running in a safe and secure way while the investigation is ongoing.”

UPDATE: Late yesterday, Nixon replaced its similar message to SJD's with another entitled ‘System Issues,’ which says the site is unavailable “as we undertake system maintenance.”