Hackers last week breached the network of one of the world’s largest accounting software platforms, according to some U.S. accounting firms, bringing much of their work to a halt this week.
According to some customers who spoke with CNBC, the hackers planted malware on servers operated by Dutch firm Wolters Kluwer. The nature of the malware wasn’t stated, but the effect is said to be far-reaching.
Wolters Kluwer provides support to the 100 largest American accounting firms, as well as most major international banks and Fortune 500 companies. Customers say many of the company’s online services have been unavailable since Monday, causing a ripple effect across the industry.
According to Accounting Today, customers using Wolters Kluwer’s cloud-based services noted that the products were unavailable at the beginning of this week. Wolters Kluwer later issued a statement via Twitter, saying it had discovered malware on its servers and took them offline as a precautionary move.
“With this action, we aimed to quickly limit the impact this malware could have had, giving us the opportunity to investigate the issue with assistance from third-party forensics consultants and work on a solution,” the company reported. “Unfortunately, this impacted our communication channels and limited our ability to share updates. On May 7, we were able to restore service to a number of applications and platforms.”
Complaints from customers
But a number of customers posted complaints on social media, saying the updates they needed were still unavailable. One poster said even the company’s customer support site was down.
The company told Accounting Today that it has seen no evidence that customer data was compromised. It also has no evidence suggesting that customers’ systems have been infected.
“Our investigation is ongoing,” the company said. “We want to apologize for any inconvenience this may have caused.”
Because so many accountants rely on services from Wolters Kluwer, one person at a large Midwest firm said the accounting industry is in a ‘quiet panic” over the breach because many firms are still unable to access their clients’ financial data.