Hundreds of UK businesses may have had confidential data compromised following a cyber attack at Sage, the tech giant that supplies accounting, payroll and payments software for businesses worldwide.
Is your business among the 280 thought to be affected?
How did the Sage hack happen?
A data breach at Sage has potentially compromised the personal information of employees at as many as 280 UK businesses – and an internal login appears to have been used to gain unauthorised access to the data.
Sage is one of the UK’s largest tech companies and will become the nation’s only blue chip tech company when Softbank’s buy-out of Arm Holdings goes through later this year.
More than 6 million small and medium-sized businesses (SMEs) using its software across 23 countries, but Sage has confirmed this breach will only affect those based in the UK.
What is a ‘cyber attack’? – find out here.
What is a ‘cyber attack’? – find out here.
Around 200 of its current UK business customers have been informed that their information — including employee bank account details and salary information — may have been affected by a data breach.
The hunt for the hackers
Sage informed City of London police of the breach over the weekend but the force, which has jurisdiction over fraud and cyber crime cases for the entire UK, has not yet confirmed whether it has yet opened an investigation.
The Information Commissioner’s Office (ICO), which enforces the Data Protection Act, has also been informed.
A Sage spokesperson said: “We are investigating unauthorised access to customer information using an internal login.
“We cannot comment further whilst we work with the authorities to investigate – but our customers remain our first priority and we are speaking directly with those affected.”
If the ICO decides that Sage has been negligent there are a number of actions it could take, including criminal prosecution, non-criminal enforcement, or undertaking an audit at the firm.