This article is more than 1 year old

Maersk prepares to lay off the Maidenhead staffers who rescued it from NotPetya super-pwnage

Staff found out after seeing their own jobs advertised in India

Exclusive Maersk is preparing to make 150 job cuts at its UK command-and-control centre (CCC) in Maidenhead – the one that rebuilt the global shipping giant's IT infrastructure after the infamous 2017 NotPetya ransomware outbreak.

The redundancies will see some jobs outsourced to India, according to employees who have been caught up in the process.

Company insiders told The Register they were first made aware of the situation in January, when confused staff found job adverts online for their own roles, posted by Indian outsourcer UCS, which is understood to be taking over the running of an outsourced CCC for Maersk.

At the beginning of February, staff in the Maidenhead CCC were formally told they were entering into one-and-a-half month's of pre-redundancy consultation, as is mandatory under UK law for companies wanting to get rid of 100 staff or more over a 90-day period.

In a memo on 5 February - seen by us - Declan Murphy, Maersk's senior director for global IT support operations and engineering, said: "Approximately 150 roles are impacted and the consultation process for colleagues that are affected will take place over the next 45 days."

The Technology division has seemingly been separated from a "new Services, Operations and Engineering organisation," wrote Murphy. He said Maersk was also "introducing" roughly "55 new roles within the new structure."

The CCC team runs the security operations centre but also covers infrastructure, DBA, network, Azure and other functions.

"In effect, our jobs were being advertised in India for at least a week, maybe two, before they were pulled," said one source. The Register asked Maersk to comment on 28 February and yesterday emailed Murphy for comment.

The team assembled at Maersk was credited with rescuing the business after that 2017 incident when the entire company ground to a halt as NotPetya, a particularly nasty strain of ransomware, tore through its networks, encrypting and locking up everything in its path before showing messages demanding a ransom of $300 per device.

As recounted by Wired magazine, the effort to rebuild thousands of servers and individual devices was led by Maersk personnel in "an eight-stor[e]y glass-and-brick building in central Maidenhead" where the fourth and fifth floors were dedicated to the ransomware response.

Those teams rebuilt around 4,000 servers and 45,000 PCs and other devices, as we reported the year after the super-infection. ®

More about


Send us news

Other stories you might like