Brian Jackson -

Brookson and Parasol cyber attacks: Contractor complaints about delayed payments continue

Several weeks on from the suspected ransomware attack that blighted two of the umbrella industry’s biggest players, contractors are still chasing their missing money

Contractors across the UK are continuing to be blighted by the fallout from last month’s cyber attacks on two of the umbrella sector’s biggest players, with complaints persisting about delayed wage payments and disrupted communications.

Several weeks have passed since Parasol and Brookson Group were targeted in separate suspected ransomware attacks, which left both firms struggling to pay the thousands of contractors they both collectively employ.

In the time since the attacks, which occurred during the second week of January, both firms have issued statements suggesting they are in the process of resuming their normal operations, but their contractors have continued to complain of missing, delayed and incorrect salary payments.

A Parasol contractor, speaking to Computer Weekly on condition of anonymity, said – in the wake of the attack on its systems – he has not been paid by the firm since mid-December, leaving him out of pocket to the tune of at least £3,000.   

“My agency has paid the Parasol invoices, but Parasol are just sitting on my money and not paying me a single penny,” he said.

To minimise the disruption and damage caused by the attacks, both firms moved to proactively disable some of their customer-facing systems, rendering Brookson Group’s website inaccessible for several days.

This process is also known to have made it difficult for Parasol’s contractors to contact the firm over the phone, with the company advising its contractors to rely on its website’s Live Chat function to chase payments and contact the firm. “Yesterday, I had an hour’s wait on the web chat system to speak to one of their agents, and they said someone would get back to me and nobody did,” the contractor added.

TrustPilot reviews

The reviews Parasol has garnered on the business rating website TrustPilot in recent days suggest other contractors are in a similar boat, with many reporting missing payments or receiving erroneous amounts for the work they have done.

In a statement to Computer Weekly, Parasol said the company is “running daily payrolls” and “making great progress catching up on payments”, but acknowledged that some of its contractors are still chasing late payments.

“Our payroll system is now fully operational, which means all employees are receiving pay calculated in the usual way, and on their normal pay day. Any outstanding amounts owed will also be reconciled,” the company said.

“We are currently running daily payrolls and, although we are making great progress catching up on payments, there may still be some delay, and money may land in our employees’ bank accounts later than usual.”

It added: “As we transition towards restoring all of our systems, including phone lines, we recognise that service levels may remain impacted. If any employees are experiencing difficulties, we would urge them to get in touch via our LiveChat function straight away.”

Read more about cyber attacks on umbrella companies

Brookson Group, meanwhile, has also seen its review page on TrustPilot besieged with reports from contractors who are missing wages and experiencing difficulties when trying to contact the firm, with some chasing thousands of pounds’ worth of payments.

“We have not been paid for weeks, but our agencies have sent the money into Brookson,” said one reviewer. “We have been told [it will arrive] next week or by the end of the week too many times. We can’t pay bills.

“I was promised 60% of my gross monthly salary and got 50%,” wrote another of the firm’s contractors. “[I] can’t get an answer as to when the salary will be corrected and reconciled.”

In a statement to Computer Weekly, from Brookson Group CEO Andrew Fahey, the company said it has now restored its internally facing accountancy, tax and payroll systems, as part of its ongoing post-attack business recovery procedures.

“This is great news and we have started working to bring data from our contingency processes into our internally facing systems so that we can begin to deliver service as normal in as short a time as possible,” he said.

“Cyber crime is forever evolving and becoming more common in wider society, so while no organisation can eliminate the risks of this type of incident, we are working hard to resolve this matter as quickly as possible.

“In line with normal business service, customers will shortly receive updates on their VAT, PAYE and self-assessment processes,” the statement added.

Read more on Data breach incident management and recovery

Data Center
Data Management