Society management

Vice Society allegedly behind digital burglary at Optionis • The Register

Optionis, the group that includes umbrella and accountancy companies providing services to technology contractors, has confirmed that following last month’s digital breach, customer data was leaked online.

As we revealed in mid-January, Parasol Group, which provides payroll services to freelancers, shut down its IT systems for an extended period to deal with a serious attack, considered by some to be ransomware. Parent Optionis Group later said SJD Accountancy and Nixon Williams divisions were also affected.

In an email we saw, Doug Crawford, CEO of Optionis, today thanked the entrepreneurs for their “patience over the past few weeks.” “The incident is now under control and we have informed the police and the relevant authorities,” he continued.

“Our security team has now detected that some data belonging to Optionis has been copied from our system and we believe some of it has been leaked online,” he added.

The company claimed to have more than 13,000 contractors on its books last October.

Crawford confirmed that the group has not yet determined the “precise nature of this information”.

“We felt it was important to inform you of this development and we can assure you that we will inform you as a matter of urgency if we discover that personal data which may pose a high risk to you has been disclosed.”

So what is Optinois doing for the contractors as it continues to investigate the security incident? It partners with Experian, which has set up a dedicated helpline to answer any questions from affected freelancers.

This is the same credit reference agency that in 2020 sent the details of 24 million South Africans to someone claiming to be a customer.

According to infosec experts, Vice Society – the same gang that framed retail chain Spar last year – is behind the attack on Optionis. The gang’s leaked site includes thousands of documents, including spreadsheets, database files and folders that it claims were extracted from Optionis.

Brett Callow, threat researcher at Emsisoft, said The register: “Vice Society emerged in the middle of last year and deployed several ransomware families, including HelloKitty and Zeppelin. They do, however, appear to have some form of connection to the threat group behind HelloKitty, FiveHands and DeathRansom, but the la nature of the relationship is unclear.” ®