Ransomware (March 2021)

Name of Reporting Organization

PrismHR

Date of Incident Occurrence

March of 2021

Incident Type

Ransomware

Event Severity

Critical

Event Narrative

In late February, PrismHR detected suspicious activity within its network. Immediately upon incident awareness, the company disabled access to its platform. The company alerted affected customers that it would build its entire system from data backups in a new environment.

Remediation steps put in place since discovery of the incident?

 The company alerted affected customers that it would build its entire system from data backups in a new environment.

What would you like others in the industry to know about the incident?

The attackers waited until the weekend to unleash the ransomware attack, a weekend that coincided with a Monday at the beginning of the month when customers would expect payroll to be processed. This was not a coincidence. This was a well-timed attack to exert the most pressure on the organization to pay a ransom.