Sounds like a crack team for dealing with an IT outage
"... we immediately assembled a response team including IT data experts and specialist lawyers,..."
Giant Pay – an umbrella company used by contractors across the UK – has confirmed "suspicious activity" on its platform is behind a days-long ongoing outage that has left folk fretting about whether they'll get paid this month. In an update on its website today, the firm said: "Upon detection of suspicious activity on our …
Yeah, the lawyers thing. What the hell are they supposed to be doing at this point in time ? GDPR control to ensure that the IT guys aren't sneaking peeks at payroll data ?
You solve the technical problem, then you bring in the lawyers to sue somebody's pants off.
This is putting the cart before the horse. That rarely works well.
Unless . . . unless the lawyers are already drafting a defense against the sueballs that will be coming their way.
That might be it.
I would imagine that the solicitors are working to minimise the liability of directors as suggested by your last sentence.
There could be a range of liabilities as I gather that this company is acting as an intermediary between the IT person and a larger company in such a way that NI and tax payments are involved. Quite a few parties in a range of contracts there.
Best of luck to all those involved.
You're assuming a technical issue.
I read it as an organised fraud attempt, in which case understanding their legal obligations and to whom they really shouldn't send any money is quite important.
That it causes delays in payroll is of course horrible for anybody living near the line, but it sounds like they're trying to mitigate that too.
It took the lot I was with Agency > Umbrella 8 weeks to pay the first payment.
Then another for the second week, any excuse to slow payments down.
They wanted me to issue an invoice, I said no problems as long as you pay the VAT as well.
It seems that Agency was paying from the Netherlands and so was the Umbrella company.
This was too smelly for my liking and I quit, looking for Outside IR35 role only.
This post has been deleted by its author
"It took the lot I was with Agency > Umbrella 8 weeks to pay the first payment."
Not this lot, but, that happened with the crowd I was with earlier, and then the agency folded, and along with it the 2 months due from the time I was with the umbrella, and the month before that due to the changeover to IR35, the amount was outstanding from the agency.
I doubt I'll even see even a few pennies in the pound once the liquidator finishes charging their fees into the frozen bank accounts of the agency. This was at the start of the first lockdown/IR35 deadline (which actually got postponed, but the client forced the switch - and the client - "nothing to do with us", in terms of any liabilities - and it's a BIG company - and no government help either
Ah yes "Inside IR35" - My new contract with massive Gov department forced me into under IR35, OK great, so you consider me an employee then, fine. Then the project was canned after two months and guess what - they dumped all the contractors but not the permies, so perfectly illustrating where the bleeding risk was there lads eh? Total shit show this poxy country. Roll on retirement and sunnier climes.
Slightly annoyed that the agency I contract through pays OutsIde IR35 contractors within 14 days of receipt of funds but pays Inside IR35 contractors 30 days after funds received from the client (which can be 180 days). I am still waiting to be paid fo work done in May 2021.
In my contracts with two large aerospace companies on the continent, contracting to a European intra-government body, my quarterly invoices were often paid between six to nine months after the invoices were issued. In subsequent frame contracts, the client inserted clauses which would penalise prime contractors and allow sub-contractors to be paid directly from the client if invoices weren't paid on time - and they suddenly managed to pay within 30 days.
Looks like there is more to this than meets the eye
"Upon detection of suspicious activity on our network on 22nd September 2021, we immediately assembled a response team including IT data experts and specialist lawyers, and we are currently working with the highest priority to resolve this issue. As part of the investigation and as a measure of caution, we have proactively taken our systems offline and suspended all services temporarily. We are also liaising with regulatory bodies to investigate and remediate the situation. We can confirm that our databases are encrypted.
As an interim measure, and to ensure that payment is made to your account on 24 September, we will pay you the same amount that was paid to you last week. This will be paid via Faster Pay and will be in your account by the end of the day. As soon as possible, we will confirm that your payroll is back to normal. We appreciate that this is not ideal, but we wanted to ensure that you receive a payment.
We apologise for the disruption and appreciate your patience whilst we investigate this matter and work to restore functionality."
https://www.giantpay.co.uk/
It does help if someone gets hold of the raw database files though, it does mean you can't mount them on another server without the encryption key.
Of course, if someone's been daft enough to store that in the same directory as the database files, you might as well not bother in the first place...
This post has been deleted by its author
Thats the one thing really pissing me off, Absolutley no way of contacting them and no notification from them. Really how hard is it to send an email or at least put a proper notice on their front page!!
It's not just this otage, for the past month at least they have not been replying to any of my requests. They do action them but they never reply to support rquests. What ever happened to being able to actually speak to someone on the other end.
Another case of a company getting too big to actually take care of their customers. We're forced into this situation by IR35, not by choice!
Thanks Boris, I've got the Lube ready for when you want to bend me over some more!!!
This has been offline for days now, so what's the actual issue, do we have a serious data breach, are the accounts being raped and pillaged by marauding vikings or just the Hamburgler looking for burger money??? The communication has been non existent. This should be shocking, but alas except for taking their pound of flesh for little service, they have no purpose.
Absolute joke (on us contractors) - the updates on the website have been sporadic with no time, just the same date and the message keeps on changing 'everyone will get paid today' to 'Where possible, an interim payment will be made to you today, 24 September'. Not a happy Friday.
They run a Windows network and the file systems is encrypted. The lawyers are seeking an injunction against unknown Russian/Chinese/North Korean hackers to stop them revealing anything, while options are sold before the share price tanks. The internal tech team are being assisted an external elite team that's been engaged to show the world the company takes security seriously and are working to shut the stable doors. Meanwhile the internal team are explaining to the elites they've been asking the c-suite to take security seriously for the past 5 years, but it's fallen on deaf ears and are learning they should be getting a position with the elite team considering their daily rate and the fact the external team don't have any greater skills they they do, just a better marketing department.
...How many contractors have been hit by this and what can they do to get paid?"...
Well, I suppose they could go back to the pre-IR35, umbrellaless days.
Bill directly, submit invoices and actually get paid some time after hell's frozen over, with sod-all chance of anything remotely like an apology or an interim payment.
Just remember, the "Good Old Days" had things like the Three Day Week, British Leyland cars, British Rail and GPO telephony in them.
See also: Rose tinted spectacles, repeating the mistakes of history.
Woke up today to find out I hadn't been paid. As others have suggested, minimal comms from Giant, no one available to speak with in person, no one replying to emails.
Personally I am owed a five figure sum from Giant and I am now doubting I will ever see any of this.
Fear not, my agency and the end client are expecting me to turn up as usual today.
Simple question as I don't understand some of the finer nuances of all the IR35 stuff.
Why do you need an umbrella company if you are being engaged through IR35 or maybe why is IR35 forcing you to use umbrella companies?
It is not that long ago there was a huge hoo-ha (with many comments against them on El Reg) about umbrella companies with many stating there were for "mitigating" tax etc.
It’s totally unsurprising they’ve been hacked with a result as chaotic as this.
Their timesheet portal seems to be same used by their staff for back office - am I imagining it or are they running a single monolith for all functions?!
When one is down, all of it is down. When you can’t submit timesheets their staff seem to lose access to information at the same time ‘we’ll make a note of it and get back to you later’. It is an appallingly bad application. They sure charge enough for it too - they’re certainly not investing any of that back into technology, least of all security.
The UI looks to have been hacked together by a temp some times in early 1997. I dread to think what their backend looks like. It’s clear they invest close to zero in their IT, and I eagerly await more info on the hack. I bet it’ll be a case of ‘exploited via the web application from an exploit documented by owasp 15 years ago with the rest of the system wide open’.
And as for their comms… quite unable, even unwilling, to communicate effictively at the best of times it’s clear that they operate with total disdain for the contractors on their books.
Giant is a solid example of a terrible, terrible company.
Yes they said early on that they had to take everything down including their phone and email system in response to the same 'issue' so if that's what you mean by a monolith, this appears to be the case, yes.
Like many others I'm sitting on 5 weeks of unpaid work, and cursing the stupid legislation that led to this debacle. Having been signed up to a decidedly dodgy umbrella in my first encounter with the things I was already wary of using them, but had at least thought a legit outfit like Giant would be competent at paying people.