Payroll software provider Apex Human Capital Management suffered a ransomware attack that severed payroll management services for hundreds of the company’s customers for nearly three days.
Apex was alerted that its systems had been infected with a destructive strain of ransomware that encrypts computer files and demands payment for a digital key needed to unscramble the data.
The company quickly took all of its systems offline and began notifying customers that it was trying to remediate a security threat.
Apex chose to pay the ransom demand and begin the process of restoring service to customers.
Source: https://krebsonsecurity.com/2019/02/payroll-provider-gives-extortionists-a-payday/
TPRM report: https://scoringcyber.rankiteo.com/company/apexhcm
"id": "ape21216223",
"linkid": "apexhcm",
"type": "Ransomware",
"date": "02/2019",
"severity": "75",
"impact": "2",
"explanation": "Attack limited on finance or reputation"{'affected_entities': [{'customers_affected': 'Hundreds',
'industry': 'Human Resources',
'name': 'Apex Human Capital Management',
'type': 'Payroll Software Provider'}],
'attack_vector': 'Ransomware',
'description': 'Payroll software provider Apex Human Capital Management '
'suffered a ransomware attack that severed payroll management '
'services for hundreds of the company’s customers for nearly '
'three days.',
'impact': {'downtime': 'Nearly three days',
'systems_affected': 'Payroll management services'},
'motivation': 'Financial Gain',
'ransomware': {'data_encryption': True,
'ransom_demanded': True,
'ransom_paid': True,
'ransomware_strain': 'Destructive strain'},
'response': {'communication_strategy': 'Customers notified',
'containment_measures': 'Systems taken offline',
'incident_response_plan_activated': True,
'remediation_measures': 'Ransom paid, service restoration '
'initiated'},
'title': 'Ransomware Attack on Apex Human Capital Management',
'type': 'Ransomware Attack'}