Telemarketing company suspends business following ransomware attack

Days before Christmas, employees at telemarketer The Heritage Company were told that they should start looking for new jobs.

The bombshell came two months after the organisation was infected with ransomware, which heavily affected its already struggling operations.

Whether an organisation pays the ransom or not (although we always advise against it), it can take anywhere from a few days to a few weeks to get back up and running.

Unfortunately, things didn’t go as planned for The Heritage Company. Let’s take a look at what went wrong and how you can avoid making the same mistakes.

Poor planning to blame

The Heritage Company’s first mistake was in underestimating how long it would take to resume normal operations following the attack.

Initial estimates were a week, but according to a letter to employees from CEO Sandra Franecke, the IT department kept pushing back the recovery timeline.

As this was going on, The Heritage Company suffered major cashflow issues. Its accounts department and mail centre were down, meaning it had no way of processing or receiving funds.

Franecke admitted that “had we known at the time that this would have hurt the company this badly, we would have made a statement to the employees long ago to warn everyone what this might mean”.

Buying time

The Heritage Company says there is still a possibility that employees could get their jobs back, provided the organisation can remove the malware soon. However, with such a long delay to production, the cost of disruption might have already become insurmountable.

Franecke said that she’d been paying staff wages out of her own pocket during the disruption, and there will come a time when that’s simply not feasible.

More to the point, employees won’t want to wait for the slim possibility of getting their old jobs back when they could be looking for work elsewhere.

A former employee told local news outlet KATV that few of her ex-colleagues believe The Heritage Company is going to reopen.

“I’m pretty sure they’re just buying time because they know as soon as they’re not going to reopen we’re going to have to get a settlement and I think they just don’t want us to take them to court.”

Avoid the same mistakes

Ransomware attacks can be scary. You suddenly find yourself no longer in control of your organisation and seemingly at the whims of faceless criminals.

If you’re not prepared for such a scenario, it’s easy to see why you might panic and make decisions that you soon regret.

And with the number of ransomware attacks spiralling, this is a position you are much more likely to find yourself in than in years past.

Fortunately, things are much more manageable when you plan for disaster. The reason ransoms are successful is organisations have no backup plan – a phrase you should take literally in this instance.

Backing up your data onto external servers means that, in the event of a ransomware attack, you aren’t beholden to the crooks to restore it.

Sure, they can threaten you with exposing the information publicly – but at that point, a data breach has already occurred and there’s little benefit in you paying up.

You’ll still be left with a hefty clean-up operation as you make sure the ransomware is eradicated from your systems and then transfer the backups over – but this is a small inconvenience compared to the fate suffered by the likes of The Heritage Company.

You can get expert help on responding to ransomware attacks – and other data breaches – with our cyber security incident response service.

Our expert consultants will guide you through the recovery process, from identifying the source of the breach and how to stem the damage to notifying the appropriate people and returning to business as usual.

Learn more

Unlock your potential with IT Governance's Rewards Club