Protect your PC

Ransomware Costs 300 Jobs

The Heritage Company forced to close days before Christmas

In October, The Heritage Company telemarketing company in Sherwood, Arkansas was hit with a ransomware attack that devastated their network. In a letter to employees, CEO Sandra Franecke explains how systems were down across the company. Even after paying the ransom, Franecke explains that the IT professionals at Heritage still weren’t able to get systems back in working order. It affected billing, accounting, marketing, and other essential business functions.

Devastating news

A few days before Christmas, Franecke released a letter to all 300 employees of The Heritage Company.

“Dear Employees of The Heritage Company,

I know that you are all angry, confused, and hurt by the recent turn of events. Please know that I am just as devastated as you all are, especially that we had to do this at this particular time of year.

Please know that we would have NEVER gone to this extreme if we were not forced to. Now is the time to be honest and open about what is REALLY happening so that all of you know the truth, directly from me, especially since some of you have incorrect information and the spreading of untruths thru social media is damaging us further.

Unfortunately, approximately two months ago our Heritage servers were attacked by malicious software that basically “held us hostage for ransom” and we were forced to pay the crooks to get the “key” just to get our systems back up and running. Since then, IT has been doing everything they can to bring all our systems back up, but they still have quite a long way to go. Also, since then, I have been doing my utmost best to keep our doors open, even going as far as paying your wages from my own money to keep us going until we could recoup what we lost due to the cyber attack.

I know how confusing this must be, especially after we just gave away 7 cruises just this week, but again, that was money that I spent out of my own personal money to give you the best Christmas gift I possibly could, but that was before our systems were hacked. Afterwards I didn’t want to disappoint everyone by taking them back. We started the Prizes and Bingo the first of November when again I was being told the systems would be fixed that week.

What we hope is just a temporary setback is an opportunity for IT to continue their work to bring our systems back and for leadership to restructure different areas in the company in an attempt to recoup our losses which have been hundreds of thousands of dollars.

It is extremely important right now that we all keep the faith and hope alive that The Heritage Company can and will come back from this setback. It is also important that we all keep to the facts and keep calm. And so, I ask that you please share this with the employees who may not be on this page or may not have Facebook. To share this out of the group, you will need to copy the text of this post and share it as your own status.

Please know that when I made my speech at the “Future is Bright” luncheons, everything was sincere and heartfelt. We had no way of predicting that our systems would be hacked at that time. Once we were hit with this terrible virus we were told time and time again that things would be better each week, and then the next week, and the week after that. Accounting was down and we had no way of processing funds. The mail center was down as we had no way of sending statements out, which meant that no funds could come in.

Had we known at the time that this would have hurt the company this badly, we would have made a statement to the employees long ago to warn everyone what this might mean. The ONLY option we had at this time was to close the doors completely or suspend our services until we can regroup and reorganize and get our systems running again. Of course, we chose to suspend operations as Heritage is a company that doesn’t like to give up.

I also want to apologize for the way many of you found out we were closing our doors. When we left the meeting yesterday afternoon, everyone had a plan for what was to happen, but we never considered that the word would spread so fast and far to each of you before your managers could speak to the employees who had already gone home for the day. No one is sorrier than I about you finding out from other sources who did not necessarily have the correct information.

So here it is: The Heritage Company is temporarily suspending our services. On January 2nd, there will be a message left on the weather line. That message will give you updated information on the restructuring of the company and whether or not we’ve made progress on our system.

In the meantime, I urge each and every one of you to please keep faith with us. We know how extremely hard you all work for each of the wonderful charities we all represent. We want you all back where you belong in two weeks’ time. We are a family, and my hope is that we will stay a family for a long time, despite this setback.

My mother started this company 61 years ago, and I am committed to keeping Heritage open if it is in my power to do so.


Sandra Franecke,

Owner and CEO,

The Heritage Company”

What’s next?

Franecke is still hopeful that The Heritage Company can come back online and resume business. She’s encouraged employees to check back in on January 2nd to see if their jobs are available. This leaves many scrambling to find work in a shaky economy and during the holiday season.

As we move into the New Year, ransomware will continue to plague businesses of all sizes across the United States. The best solution is a good defense program based in application whitelisting.

PC Matic Pro works across a multitude of businesses ranging from Enterprise level to small businesses like The Heritage Company.

For a list of ransomware attacks that have already taken place in 2019, you may click here. We have also created a map, see below, of the ransomware attacks that have taken place in the U.S.

 3,486 total views,  1 views today

(Visited 1 times, 1 visits today)

4 thoughts on “Ransomware Costs 300 Jobs”

  1. While the letter employs the usual comforting language and perhaps reflects the management’s shared pain, crucial information is missing. To begin moving forward, at least the following points need to be addressed:

    1. Technical details: How did the attackers break in and what ransomware was used?
    2. What decision-making process was involved with paying the ransom? Note that this is virtually always a bad idea, so a serious explanation would be in order.
    3. Why were systems not fixable even after paying the ransom?
    4. Why was IT unprepared? In particular, what about their file backup strategy (if any)?
    5. What are you going to do to prevent this type of incident in the future?

  2. Unfortunately, this story is all too common. And very sad for those affected.
    Zero trust and MFA are really the only solid defenses at the moment.
    I understand the PCMP product and properly deployed, it can be a good tool in the arsenal.

  3. Her Mother started the Co 61 years ago and these scoundrels destroyed it? These scoundrels should be sent to jail BUT before that they should be stripped to the waist and each get 100 lashes!!!!

Leave a Comment

Your email address will not be published.

This site uses Akismet to reduce spam. Learn how your comment data is processed.