Share this content
tattered umbrellas

Contractor firms confirm cyber-attack after major outage


SJD Accountancy and Nixon Williams have admitted that a 'cyber security incident' has knocked out key systems, causing significant disruption to services.

19th Jan 2022
Share this content

In a statement the UK contractor specialists, both owned by corporate parent Optionis Group, confirmed their IT security has been hit by online attackers after numerous users reported service outages.

A spokesperson told AccountingWEB: “We recently suffered a cyber security incident that impacted some of our key systems and caused significant disruption to our services. We are working with a team of IT experts to ensure we get back to normal operations as quickly as possible and we have informed the relevant authorities.” 

Details of the incident are scarce at this stage, with both firms declining to specify the nature of the attack and exactly when it took place. However, as both firms have drafted in external specialists to tackle the ongoing situation, users have speculated that ransomware could be behind the outages.

SJD Accountancy told IT publication The Register: "Our security partner and internal team identified the malicious activity very quickly and we are carrying out an extensive forensic exercise into this incident."

In a statement on its site, Nixon Williams said based on its current understanding there was "no evidence" personal data has been removed from its system. "We will provide an update on our investigation when we have more information to share, but we have been informed by our external advisors that this could take a number of weeks," continued the statement. "In the meantime, to ensure the safety and integrity of your data, we have suspended our systems and you will be unable to access Nixon Williams Vantage."

The combined group operating under the Optionis brand is believed to serve approximately 40,000 clients. On its site SJD Accountancy bills itself as the UK's largest specialist provider of fixed fee, limited company accountancy services to contractors and freelancers, with more than 15,000 clients on its books.

Parasol outage

Problems at SJD and Nixon Williams come hot on the heels of sister company Parasol Group suffering its own attack. The umbrella specialist first reported issues on Wednesday 12 January, with the firm stating on Twitter it was "currently experiencing a system outage". However, on Friday 14 January, Parasol stated it had “suspended our systems” following “malicious activity on our network.” The attack has affected the firm's ability to run payroll systems, with a growing number of customers taking to Twitter to report a lack of payment.

According to The Register, Greet Borsens, chief sales officer at Parasol Group, wrote to customers on 12 January stating the firm is "proactively contacting employees who we know to be affected," and in a further update on 13 January said they had created "alternative processes allowing to pay our employees" and provided "guidance on how to contact us."

Whether the attacks on Parasol, SJD Accountancy and Nixon Williams are linked is unclear at this stage, and it is currently unknown whether other firms in the Optionis group, which include fellow contractor accountants ClearSky and tax rebate specialist Brian Alfred, are also affected.

Time for umbrella regulation?

Following the changes to off-payroll working rules in April 2021, umbrella companies have reported a rush of former contractor customers requiring their services, and accountant James Poyser believes the firms are now an "attractive target” for cybercriminals. Following an attack on fellow umbrella firm Giant Group in September 2021, the Parasol outage and a similar incident at Brookson reported this week, inniAccounts CEO Poyser stated it was now time to “mandate security requirements” for umbrellas the "same way the FCA does for banks”.


Replies (8)

Please login or register to join the discussion.

By BryanS1958
20th Jan 2022 09:42

I guess it is denial of service type of disruption. Criminals have been doing the same to VOIP platforms, our phone systems were down for a while.

Thanks (0)
By rmillaree
20th Jan 2022 09:46

"I guess it is denial of service type of disruption. "

The comments suggest exactly the opposite - ie that hackers have taken over the buildng including all the data and may have locked the company out of any ability to access their own data (perhaps).

Thanks (0)
By bobsto12
20th Jan 2022 09:57

I use Parasol and only have been advanced circa 40% of my expected take home pay. They say they will be able to run normal payroll from today..we shall see. They claim that no personal details have been stolen but there are other claims they are available for sale on the dark web. Its all very alarming. Its ridiculous that contractors have to use these companies (and pay the cost). I tried engaging with the agency I use but the attitude was just its my problem if the umbrella company don't pay me. Charming.

Thanks (3)
By AnnAccountant
20th Jan 2022 10:31

Is it ok to be just a little bit pleased that one of these "warehouse accountants" is taking a hit?

Thanks (0)
By rememberscarborough
20th Jan 2022 11:58

Wouldn't life be far simpler and fairer if we were all taxed under the same system so we all pay the same proportion of tax and NI? Might get rid of all these tax hangers on who avoid/evade tax but make sure they want access to all the public services they don't pay for.

Thanks (2)
Replying to rememberscarborough:
By bobsto12
20th Jan 2022 12:48

Like the vast majority of users of these companies I am simply taxed using the paye system as an employee and pay exactly the same tax I would pay if I was employed directly by the client. The only reason we use umbrella companies is we are forced to by the agencies who have eliminated their own payroll costs. To add insult to injury I also have to pay the umbrella company for providing the service.

Thanks (2)
Replying to bobsto12:
By Catherine Newman
20th Jan 2022 13:51

There is a major plus. Fewer adverts popping up today!

Thanks (0)
By Paul Crowley
20th Jan 2022 14:06

Good time for IT Extortion
The slow clients all get nervous about tax filing come December/January

Thanks (0)