Remote and Payoneer acquisitions to give 'HR leaders the confidence to hire across borders'
January 21, 2026
John Brazier
April 12, 2023
SD Worx pauses HR operations after cyberattack
3 min read
HR leaders, don't miss out: Join us in Las Vegas for free as a VIP guest at UNLEASH America.
This piece been updated for clarity.
2022 was the second highest year on record for attempted ransomware attacks, according to data from SonicWall.
In addition to seeing 493.3 million ransomware attempts, 2022 saw 112.3 million internet of things malware attacks (an 87% increase on 2021 figures) and a record high in crypto-jacking attacks at 139.3 million.
Clearly, cybersecurity is a real threat to business – with SonicWall finding those based in the US, the UK and Spain to be particularly at risk.
And no element of a business is immune from cyber attacks. Within 18 months of UKG's being hit by a ransomware attack impacting the ability of organizations across the globe to pay their employees on time, the UK branch of payroll giant SD Worx has been rocked by a cyber attack. As a result, the company moved to shut down its IT infrastructure in the UK and Ireland.
A SD Worx spokesperson tells UNLEASH: “The SD Worx security team has detected unauthorized activities in its hosted UKI data center on [Monday] 10 April, affecting SD Worx customers in the UK and Ireland.
"There is no impact for customers in other countries.”
SD Worx customers in the UK include Asda, M&S, WHSmith, and Chester Zoo.
The spokesperson continues: “SD Worx has taken immediate action and has preventively isolated all systems and servers to mitigate any further impact for its customers in the UK and Ireland.
"As a result, there is currently no access to the systems for them.
Cybersecurity and HR vendors: Should HR be worried?
Evidently, SD Worx moved swiftly – the spokesperson shares: “Overnight SD Worx has made good progress to re-establish its operational systems in a controlled manner. As the security of the data is of the highest importance it is appropriate that this process is completed in a secure and controlled way.
SD Worx is also looking to support customers who need pay their staff this week by providing alternative solutions.
While the attack doesn’t appear to have had a long-term impact on payroll for SD Worx customers - unlike the situation with UKG in 2021 - to what extent should SD Worx's UK clients be concerned about a potential data breach?
“SD Worx emphasizes that it applies extremely stringent organizational and technical security measures to secure the privacy and data of its customers at all times.
"The reason why SD Worx has pre-emptively isolated the systems is to mitigate any further impact and to adequately assess the situation.”
These types of cyberattacks really emphasize how much not just IT, but HR, needs to really focus on having top-notch cybersecurity provisions in house.
SonicWall’s vice-president for EMEA Terry Greer-King tells UNLEASH: “HR is the custodian of employee information, taking care of all sensitive data, which makes it a prime target for bad actors. The exposure of this data, commonly highly sensitive whether of a personal or a business-related nature, could put a company’s security, safety and reputation on the line.
“They also need to work closely with the IT department, leading employee training to avoid clicking on any stray malicious links, becoming an easy loophole for hackers.”
The International Festival of HR is back! Discover amazing speakers from the world of HR and business at UNLEASH America on 26-27 April 2023.
Related
