Multi-day IT systems outage whacks umbrella biz Parasol Group amid fears of a cyber attack Contractors employed via umbrella company Parasol Group are increasingly nervous about a multi-day outage of some IT systems used to process payroll, with several suspecting a security attack as the root cause. Greet Borsens, the chief sales officer at Parasol Group, itself part of Optionis Group, wrote to its contractor …
Given the rise in prominence of 'umbrella' services courtesy of HMRC, they could well become a prime target, not least for ramsomware because of the scale of disruption caused to the wider business community when they go down. Much more effective than attacking a single enterprise.
The same problem could face the 'data intermediaries' advocated by the UK govt.
This post has been deleted by its author
I am on my second brolly company in as many months, and while I feel for my fellow contractors I am not surprised.
If the back end is anything like the front this shit show will not be back online soon. Wonder how good the backups are!
One Brolly company wanted me to email them my bank details and a copy of my passport. This was standard practice.
Rush to market, security and customer service is still on the back log.
I have not found one yet with a 2FA.. This outage sounds like credential reuse, privilege escalation, deploy ransomware.
One Brolly company wanted me to email them my bank details and a copy of my passport. This was standard practice.
It's standard practice for good reason, firstly KYC/RTW checks: they are technically your employer, so, under the hostile environment, are on the hook if it turns out you don't have the right to work.
Secondly, they need your bank details in order to pay you, and most will probably prefer a UK account.
I'm fine with this (except the HE forcing employers, landlords, healthcare workers etc to act as Border Force auxiliaries - I can feel my dad, all his career in the Immigration service, as it used to be known, spinning in his grave).
My one stint as a contractor, I used Parasol as my brolly, and they were pretty good, explaining things to me as a newbie. The only real problem I had was the sub-Coldplay as their hold music.
So, I was supposed to be an "employee" of Parasol Umbrella - which means they are supposed pay me, right? What happens when the agency goes under taking client's money with them? Answer from Parasol - you'll get paid when we get paid. I very much doubt I'll see any of the 2 months' worth of "salary" that I'm owed, ever, once the liquidator of the agency finishes taking their fees. Over 18 months and counting.
After 25 years as a contractor, working in my own right, for multiple clients, providing my own kit, working from home, paying tax without employing any ruses or cheats whatsoever, I got forced into IR35 with a Government client.
Did a year, didn't grumble, worked for other clients at the same time, paid tax on that, paid my accountant, paid my insurance, collected VAT etc. like good little soldier.
Six weeks after a 12 month renewal the project went bang but no worries, I'm technically an employee right? Fucking wrong matey, out the door.
And these bastards wonder why nobody wants to do business with them apart from their Tory mates eh?
I got forced into IR35 with a Government client.
...
Six weeks after a 12 month renewal the project went bang but no worries, I'm technically an employee right? Fucking wrong matey, out the door.
IR35 doesn't mean you're an employee of the client company, just that you're treated like an employee for tax purposes. Surely a 25-year contracting veteran knows this.
Anyway you're still an employee of YOUR company, are you not?
Given that almost all large fims / govt bodies are supposed to do due diligence on their supply chain and its ability to withstand business disruption, it does look like nobody's thought to push Parasol a bit harder to validate that their own incident plans and processes are up to scratch. My guess is that nobody went one step further along the chain...
There will be more than a few high-value IT programmes where big chunks of the workforce are hacked off and whose minds aren't entirely on the job if this runs on another week.
We live in a world where people are bonused for removing resilience. Because what's the point in spending money on something you might never need when business continuity insurance is so much cheaper. I'm sure the same business leaders make the same choices at home. Car insurance covers the six months spent in traction so there's really no need to waste money getting the brakes repaired this month.
I can confirm that the severe lack of information coming from Parasol is very frustrating indeed. And practically having to beg to be paid via a ridiculous chat system as I can't get through on the phone and nil response by email.
I finally received 2/3 of what I should have been paid.
And this week have no idea even if I will get paid.
Am absolutely frustrated and distraught about this and no comms from this umbrella whatsoever.
Am certain there are other interims out there in same position. Someone should really do something.
And no pay means can't pay bills - will Parasol cover interim's missed direct debit charges from banks and creditors???
In My experience Parasol are one of the good guys.
I used them as My Brolly for donkeys (couldn't be bothered with the paperwork)
if they are having issues with paying you there is an issue with them getting paid.
At the end of the day, they can't pay you what they don't have...
Hopefully, they will get their systems back up and running and get something sorted, I hope my faith in the folks formerly from Warrington is not misplaced, if you are put into hardship sit on the chat all day, until they get their systems back up or send someone to camp outside their offices.
Those two terms are diametrically apposed.
IF your IR35 then you are not a "Contractor".
IF you are a "Contractor" then you are NOT IR35.
You just have to be brave and say no when the offer comes in.
Umbrellas ARE the target of probably the most talented bunch of people on the planet, expect their sites and services to be destroyed on a regular basis.
So their "payment broadly in-line with what you would normally be paid" came through and they've deducted 65% from my invoice which is at least 25% more than they would have deducted previously.
My renewal is up at the end of the month and I'm pushing the client to allow me to use my Ltd company to process a full PAYE salary.
The Register 
Biting the hand that feeds IT
Copyright. All rights reserved © 1998–2025
