company Umbrella

Brookson, an umbrella company, refers to NCSC after a cyber attack on its network

ra2 studio – Contractor payroll, accounting and compliance firm confirms its networks have been targeted by an ‘extremely aggressive’ cyber attack that has resulted in some of its systems being proactively taken offline By Caroline Donnelly, Senior Editor, UK Published: 14 Jan 2022 13:40 Cheshire-based contractor payroll service provider Brookson Group has referred itself…

ra2 studio –

Contractor Payroll, Accounting and Compliance firm confirms that its networks were targeted by an “extremely aggressive” cyber attack. Some of its systems have been proactively taken offline

Caroline Donnelly


Published: 14 Jan 2022 13: 40

Cheshire-based contractor payroll service provider Brookson Group has referred itself to the UK National Cyber Security Centre (NCSC) after its networks were targeted by an “extremely aggressive” cyber attack last night.

The company, which specializes in providing compliance, payroll processing and accountancy services to contractors, has confirmed the attack in a LinkedIn post written by Andrew Fahey, CEO of Brookson Group.

According to Fahey, the attack against its networks was immediately detected by the company and contained. This allowed the firm to take “necessary preventative steps” to ensure that no supplier or customer data was compromised. He explained that Brookson’s services including its phone lines will be inaccessible to outside networks until Brookson makes changes.

” This type of attack can be very aggressive,” Fahey wrote. “Our technical security and security teams worked through the night to validate our network infrastructure. We also hired the services of a dedicated provider of digital forensics to validate our network infrastructure before we reactivate any services.”

He added: “This incident was reported to the UK National Cyber Security Centre .”

The post was also intended to reassure contractors who provide services to end clients through Brookson’s umbrella company arm, that they are being paid on time.

” Our objective is to make sure all customers who are due for payment by Friday [today], receive them,” Fahey said. “Hopefully you will see that there is a delicate balance between security and pace. We will do our best to minimize disruption to our customers and provide regular updates .”


According to Brookson’s most recent set of accounts, filed with Companies House in July 2021, it has more than 15,700 clients on its books, including contractors and freelancers working across a variety of industry verticals.

Fahey posted a follow up post on Linkedin a few hours after his initial missive. He stated that a scan of the company’s infrastructure was done by its digital forensic partner. This showed that no data had been compromised in the cyber attack. It is not clear when the company’s systems will be operational again, even though it appears that they are.

” We are in contact with all our partners in recruitment agencies and have contingency plans for payroll services in place in case of delays,” stated Fahey.

News of the attack on Brookson follows news that fellow umbrella company Parasol is in the midst of an ongoing systems outage that has left it unable to pay the contractors it represents for several days now.

As Computer Weekly previously reported, Parasol’s root cause remains unknown. However, some contractors have criticised the firm’s response as being too slow and lackluster.

The Brookson incident also comes several months after another umbrella company, Giant Group, suffered a suspected ransomware attack that also left it unable to process the salary payments of its contractors.

Fahey closed his second update by stating that the company would share the lessons learned from the incident with the rest of industry once it is resolved. This will help them to avoid being victim to another attack.

” We are touched by the support offered by our customers and industry in general for this debilitating, malign attack. We will – of course- share our defense strategy with any future affected parties once it is resolved.” he said.

Read more on Data breach incident management and recovery

Read More

Leave a Reply

Your email address will not be published. Required fields are marked *