Company fires more than 300 employees due to massive ransomware infection

A cyberattack can generate disastrous consequences for affected companies. Massive data loss, layoffs, fines for information security breaches and high recovery costs are catastrophic scenarios, although things can get even worse.

The worst has happened to The Heritage Company, a telemarketing agency based in Arkansas, US. This company had to fire more than 300 employees, in addition to indefinitely stopping its operations, after not being able to recover 100% from a recently occurred ransomware attack.

The company has decided not to reveal further details about the incident, such as the amount of money it has invested for its recovery process or the technical characteristics of the attack. For now, the only official statement on this subject is a letter addressed to the dismissed employees, signed by Sandra Franecke, CEO of the company, offering apologies for the decision made, arising from the loss of hundreds of thousands of dollars.

In her letter the CEO states that although the company’s information security team worked very hard on the incident recovery process, and although she even resorted to its own savings to try to keep the agency afloat, these efforts were in vain, as the company does not have sufficient resources to absorb all expenses.

“Unfortunately, about two months ago our servers were attacked with a virus that took our entire systems hostage, demanding a ransom in exchange for regaining access to our computing resources. Our information security department has been doing everything it can to get the systems back up and running again, although there’s still a lot to do,” says the CEO in her letter.

Franecke concluded her message by making it clear that the company will suspend its operations indefinitely, requesting the understanding of affected employees and ensuring that an update on the incident will be released on January 2. While there are no favorable forecasts for the restoration of operations at The Heritage Company, the CEO says she won’t give up: “My mother founded this company 60 years ago, and I’ll do everything I can to keep it afloat,” she said.

Unfortunately this is not the first time a company resorts to suspension of operations due to a cyberattack. A few months ago, information security experts from the International Institute of Cyber Security (IICS) reported a similar incident that affected forensic firm Eurofins Scientific, whose computer systems were infected with ransomware. It was reported that after going about two months without operating, the firm regained access to its systems by paying the hackers the demanded ransom.

Another attack of similar characteristics occurred at ASCO, a Belgian aircraft systems and parts developer, whose servers were compromised with ransomware, after which managers decided to provisionally send home to nearly 1500 employees, whose jobs were completely offline.