A fundraising company based out of Sherwood Arkansas has been forced to shut down post a crippling cyberattack that took place in October last year.
According to local reports, The Heritage Company, in business for over 6 decades, had to lay off 300 employees just before Christmas.
On this, CEO Sandra Franecke in a December message to employees explained, “Unfortunately, approximately 2 months ago our Heritage servers were attacked by malicious software that basically ‘held us hostage for ransom’ and we were forced to pay the crooks to get the key just to get our systems back up and running.”
She also added that post the attack, IT has been trying their best to replenish the system and retrieve system backup. However, the journey is long, and they still would take time. She also mentioned that since then, she has been doing her best for the company operation, and The Heritage Company has even spent money from their own pocket to pay wages and keep the company going until the situation comes under control and the loss due to the cyberattack is recouped.
Additionally, CEO Sandra Franecke mentioned that the ransomware played around with the firm’s accounting system and mail center and put the company in a fix as there was no way to process and receive funds or to send out statements.
On a positive note, The Heritage Company that describes itself as the “premier and most experienced professional tele-fundraiser in the nation,” has not lost hope and believes that this is not the end of the road for a company which has been a consistent player in the fundraising genre for over 60 years.
On this, CEO Franecke said, “The ONLY option we had at this time was to close the doors completely or suspend our services until we can regroup and reorganize and get our systems running again. Of course, we chose to suspend operations as Heritage is a company that doesn’t like to give up.”
Graham Cluley, the security expert, observed, “It would be easy to say that it wasn’t ransomware which brought about the apparent demise of The Heritage Company, but instead a lack of secure backups and a resilient disaster recovery plan.”
This incident is a timely reminder of the horrifying aftereffects ransomware can leave on small and mid-sized businesses that are dependent on mission-critical IT systems, with fewer resources or knowledge to mitigate the cyberattack risk.