SJD Online is beyond shit - but they moved me to FreeAgent in August at least (not for history but this Financial Year at least).
SJD Accountancy and Nixon Williams – both contractor-focused beancounting firms owned by the same corporate parent as cyber-attack-struck UK umbrella company Parasol – have been hit by online attackers. The three firms are all nested under UK corporate parent Optionis Group, which describes itself as a "family" of "award- …
I left them for a different accountancy which uses FreeAgent. SJD's IT systems hadn't been updated for years and Im not at all surprised they were hacked.
I just logged into my old SJD account and the page is still accessible but with random media embededs on it. No, I didn't click them!
I found that SJD had lost all its experienced accountants, the only accounts they had were trainees (yes, we all have to start somewhere but some of them were really poor for the amount I was paying SJD).
Any TheRegister reader who has used Parasol, Nixon Williams, SJD or other Parasol companies knows that the service has gone down the toilet in recent years.
This cyber attack is of no surprise to anybody who has worked on good cloud deployments. The VC group that runs Parasol companies doesn't care about appropriate security for the cloud instance. Basic security steps weren't followed. All parasol companies were dumped in to one cloud instance and two VPCs. Best practice guidance was not followed.
If these companies go bust then it will be doing the accounting world a favour. If you want confirmation then go visit contractoruk.com/forums and look at reviews of these companies. Their IT and staff have been performing very badly for a long time. Once good companies have been destroyed. This hack is the nail in the coffin.
Good luck to all staff and start job hunting now. Existing customers can jump ship to other umbrellas and accounting companies.
At time of writing Clearsky's main website is up as normal, but their customer portal seems to be offline although they are resolving in DNS (to a Microsoft address block, so one presumes an Azure instance). They have NOT emailed their clients with any information, at least I haven't received any notifications from them.
The Register should perform more technical analysis of this hack. Is it a basic cloud ransomware exploit or the result of major misconfiguration and a lack of security by ParasolGroup and associated companies?
Biting the hand that feeds IT © 1998–2022