Arkansas telemarketing firm blames ransomware for sudden holiday closure

The circumstances surrounding the alleged attack remain shrouded in mystery.

The CEO of an Arkansas telemarketing firm is blaming a ransomware attack for her decision to temporarily shut the company’s doors and leave workers unsure of their employment status just days before Christmas.

Sandra Franecke, in a letter to employees of The Heritage Company, said the business, which solicits money on behalf of nonprofit clients, was infected with malicious software about two months ago. Hackers “basically ‘held us hostage for ransom’ and we were forced to pay the crooks to get the ‘key’ just to get our systems back up and running,” Franecke said in a letter obtained by KATV, the local ABC affiliate.

Company IT staffers have been working in the time since to restore normal operations “but they still have a long way to go,” Franecke noted, without detailing the reason for the two-month notification delay or providing any information about the attack or the strain of malware.

The incident is the latest apparent example of how hackers are aiming ransomware at smaller companies or public sector targets that typically avoid the public eye. A New Jersey hospital system earlier this month said it paid a digital extortion fee to hackers who then unlocked its networks. This week, a mental health provider in Texas said it went offline due to another attack.


The ransomware incident has cost The Heritage Company “hundreds of thousands of dollars,” Franecke wrote. Still, in the months since, the business paid for a range of holiday perks — some employees got cruises — while struggling to function, if Franecke’s letter is to be believed.

“Once we were hit with this terrible virus we were told time and time again that things would be better,” the CEO wrote, according to KATV.

“Accounting was down and we had no way of processing funds,” the letter said. “The mail center was down as we had no way of sending statements out, which means that no funds could come in.”

The Heritage Company executives did not return messages Friday seeking comment from CyberScoop. The official website was offline at press time, and the firm’s Facebook page included no updates on the incident, despite recent advertisements for its services.

The exact number of affected employees was not immediately clear. One NBC outlet,, reported “more than 50” people were dismissed on Dec. 21.


Workers told various Arkansas news affiliates they were frustrated to be left in limbo around the holidays, particularly if the CEO knew of the financial difficulties for two months.

The plan now, according to the letter, is for employees to call a corporate communication line on Jan. 2 to learn the latest update “on the restructuring of the company and whether or not we’ve made progress on our system.”

Jeff Stone

Written by Jeff Stone

Jeff Stone is the editor-in-chief of CyberScoop, with a special interest in cybercrime, disinformation and the U.S. justice system. He previously worked as an editor at the Wall Street Journal, and covered technology policy for sites including the Christian Science Monitor and the International Business Times.

Latest Podcasts