Schedulefly hit with a ransomware attack

Schedulefly hit with a ransomware attack

Today, January 3rd, 2022, we have our first significant ransomware attack underway. Currently, if you're in the hospitality industry, run a restaurant, hotel business, anything like that, you're going to want to pay attention. Schedulefly has been hit with a ransomware attack. We will get into that today and let you know what's going on.

We have two updates here, starting on January 1st. Not many people are talking about this, but Schedulefly, a prominent online cloud-based app that many restaurants and hotels and the hospitality industry use for scheduling and other purposes within their operations—posted on their Web site at, at two o'clock on January 1st (another ransomware attack over a holiday). We got hit with a ransomware attack. We are working with a firm that specializes in resolving these attacks. We are doing everything we can to get you back online quickly. Once we know more, we'll update this message. We don't have access to crib sheets or backups. It's all been encrypted and is currently unreadable on our end. We're sorry you have to deal with this—Schedulefly crew, Wes, Tyler, Wil, Charles, and Hank.

And I'm sure the five of those guys are not having a great new year when they wake up, and they figure out that all of their data has been encrypted, including, unfortunately, their backups as well, which is one of the big things that we talk about a lot. Make sure that your air gaping or separating your backups so these things can't happen because these cybercriminals, once they get into your network, this essential data are what they're looking for. They're looking for where is your important stuff. Anything and everything that they can find (of value) to leverage getting paid are their objective and what they're doing.

On January 2nd at noon, we got another update from the Schedulefly team. It says, "We have a firm helping us. We wish this could be resolved today, but it won't be. Please plan not to have Schedulefly this week. We will post a more comprehensive video or message update later today or first thing tomorrow." So it seems like they're trying to get ahead of this, but it looks like a lot of ransomware attacks that we see have taken this company by surprise. It seems like their incident response plan was to reach out to a third-party cybersecurity company that they probably didn't have a prior relationship with. So there is a lot they will have to figure out over the next couple of days at Schedulefly.

As we saw with the Kronos ransomware attack recently, where they told people, "Hey, we're going to be down for three weeks. Don't expect anything. Expect to be without our systems. So figure out alternative means." And we hear the same thing here from Schedulefly, where they want you to understand that it's going to be a while before their systems are back up and running, and this may impact your business. So be ready. So if you use Schedulefly, you're going to have to do something about this today.

Schedulefly is a cloud-based scheduling software designed for the hospitality sector, especially for restaurants. It helps facilitate communication within workplaces and ensures smooth operations. Users can access this solution via mobile or PC. Users can inform their staff about shift changes, online trades, and more by sending them emails or messages. They can upload necessary files and documents to the Schedulefly database and share them with staff when required. Users can manage scheduled hours and labor costs within Schedulefly, and the solution help users organize their staff, as all previous and current contact information is recorded in the database and lets executives record time-off request, which users can approve or decline at their convenience. It gives a clear view of the available resources for that day and the managed task conveniently.

So it seems like there could be some pretty juicy information kept within the databases over at Schedulefly. First off, what's collected in this database is data you use to manage your people. Many business owners and professionals think of these cloud services that they use inside their businesses like internal tools. So the information that they put in there may look at it as this is only internal, like only the people inside this company see this. So you're more willing to put more private information because your thought process is this will never make it out into the public until you get hit with ransomware. Then they double extort you and threaten to release all that information they have in public.

And one of the other interesting points that this brings up with this Schedulefly ransomware attack is that many people move to the cloud for this reason, for security, so they don't have to worry about this "security stuff" themselves. They rely on a company like Schedulefly to do that for them. It streamlines and makes a lot of the "IT stuff" required when you host your database and applications, something you don't have to deal with. Believe it or not, there's a lot of things that go into properly securing servers, applications, and all the things on the backend that run this stuff.

Many companies will move to the cloud to don't have to deal with all the effort required for proper security. And when you do make that move, that shift to the cloud, a lot of people think, "I'm not going to have to worry about ransomware attacks and things going down because I'm not responsible for that. The company that I hired is." But the problem starts when these services like Schedulefly have an issue, and they're not available to you. Then what do you do?

We saw it recently with Facebook going down, and Amazon had a problem in the last month or so. And now, today, you see a software like Kronos, which many companies use for paychecks, payroll, and HR. And now Schedulefly that many restaurants, bars, and hospitality companies use to schedule their and make sure things run smoothly. When they don't have this at their fingertips, it makes it hard for them to deliver a good experience or know what's happening in their restaurant, facility, catering company, or what have you. So big deal, Schedulefly software is down due to ransomware cybercriminals. They're trying to recover. Again, they have messages posted on their website. It seems like they're trying to do the best they can to get back up and running, but they are in the midst of a ransomware attack. Hopefully, they can get through it and continue to operate.