Blog
Image result for The Heritage Company ransomware

Company tells employees to seek new employment after suspending all operations right before Christmas.

A telemarketing company based in Arkansas sent home more than 300 workers and told them to find new jobs after IT recovery efforts had not gone according to plan following a ransomware incident that took place in early October 2019.

The employees of the Sherwood-based telemarketing firm The Heritage Company were notified of the decision just days before Christmas by letter from the CEO of the company.

Speaking with local media, employees said they had no idea the company had even suffered a ransomware attack, and the layoffs were unexpected, catching many off guard.

“Unfortunately, approximately two months ago our Heritage servers were attacked by malicious software that basically ‘held us hostage for ransom’ and we were forced to pay the crooks to get the ‘key’ just to get our systems back up and running,” wrote Sandra Franecke, the company’s CEO, in the letter sent to employees.

She goes on to say that the data recovery operation, originally estimated at one week, did not go according to plan and the company failed to recover full service by Christmas.

Franecke said the company lost “hundreds of thousands of dollars” because of the incident and have been forced to “restructure different areas in the company.”

As a result of the ransomware recovery process, the company’s management decided to suspend all services, leaving more than 300 employees unemployed.

Local news outlet KATV reported last month that dozens of employees already filed for unemployment with local authorities even before the Christmas holiday, with many not expecting the company to survive.

NO PROGRESS ON RECOVERY EFFORTS OVER THE HOLIDAYS

Franecke left the door open for workers to get their jobs back, asking employees to call back on January 2 for a status update if IT personnel were to make progress with data recovery efforts during the holiday season.

KATV confirmed that when workers called the company yesterday, they received a recorded message telling them that the recovery efforts had not been successful and that users would seek new jobs.

“Though we have made progress, there is still much work to be done. With that in mind, we do not prevent you from searching for other employment. Please take care of yourselves, your loved ones, and have a happy New Year,” the message said.

A former The Heritage Company employee told KATV that they’ve lost any faith the company is going to ever recover from the ransomware attack.

“Most of us are convinced that they’re not going to reopen. I’m pretty sure they’re just buying time because they know as soon as they’re not going to reopen we’re going to have to get a settlement and I think they just don’t want us to take them to court,” the employee told KATV.

SIMILAR CASES

What happened to The Heritage Company is not an isolated incident. Over the past two years, there have been many cases where smaller companies decided to shut down for good, lacking the funds to pay a ransom demand to get their data back or lacking the funds needed to rebuild their IT infrastructure.

For example, in April 2019, doctors at a medical practice office in Michigan decided to shut down their business and retire one year ahead of schedule, rather than deal with the fallout from a ransomware infection.

Similarly, a second medical office, based in Simi Valley, California, reached the same conclusion in September 2019, deciding to shut down all operations after they were infected with ransomware a month before and lacked the funds to pay the ransom.