Ransomware: cyber attack on temporary employment agency randstad

The internationally operating temporary employment agency randstad has become victim of a cyber attack by the egregor group, the company’s servers with ransomware infected and now published data.

Randstad makes cyber attack public

On thursday, the 3. December 2020, randstad announced that ‘short-term’ a cyber attack to the company it took place. Once this attack was noticed on the it networks, the company has activated the existing emergency tarpaulins for the it systems for such trap. An internal incident response team incorporated the work invisible and added external cyber safety and forensics experts to investigate and resolve the incident.

The company indicates that global males were taken immediately in order to protect the attack and at the same time protect the systems, drain and data from randstad. It is asserted that only a limited number of servers was affected. The systems of the company were continuing without interruption, there was no business interruption.

In the public message, it is called that there is no indications for current knowledge that systems of third parties were impacted by the ransomware. The status regulatory ability and law enforcement may have been notified by randstad. Furthermore, the investigation showed that the egregor group is responsible for the attack of the global it environment. This group has begun to unopolit a small part of the captured documents.

Egregor group publishes data

According to bleeping computer, the egregor ransomware group has published a 32.7 mb archive with 184 files. This archive is intended to include about 1 percent of the captured randstad data and contains spreadsheets, financial reports, contracts, and various other business documents deducted by the ransomware from the servers and were transferred to the calculators of cybercriminals. The exact scope of the captured data is still unclear. Randstad, however, writes that in connection with the cyber attack data from business taxes in the us, poland, italy and france are affected.

The egregor-ransomware group has started its activity until mid-september 2020 after the ransomware gang maze has set its operation. Egregor offers ransomware as-a-service for other cybercriminals, which preserved 70 percent of revenue, while the egregor-hintermanner retains 30 percent. The egregor ransomware group is now responsible for numerous ransomware attacks on companies such as crytek, ubisoft and barnes and noble.

Randstad is a company founded in the netherlands for personal services and temporary work, which is active in around 40 countries. In 2019, around 38.000 employees generated sales of 23.7 billion euros.