The Kronos ransomware assault might have a long-term impact on staff wages and timesheets

29th December, 2021 // Crime

On Monday, Ultimate Kronos Group, one of the major human resources organizations, revealed a catastrophic ransomware attack that impacted many employees’ payroll systems. Kronos’ systems were down on Saturday after “strange activity” was noticed, and they could be out for several weeks.

The city of Cleveland, the Metropolitan Transportation Authority (MTA) of New York, Tesla, and MGM Resorts International are among Kronos’ significant public and private sector customers. It also collaborates with a number of hospitals around the United States. Some firms are forced to develop contingency arrangements to pay employees, such as switching to paper checks. Some employees have been unable to access payroll systems as a result of the outage.

The ransomware attack impacts Kronos Private Cloud, which stores data for several of the company’s services, including UKG Workforce Central, the service employees use to track hours and schedule shifts.
“UKG recently became aware of a ransomware incident that has disrupted the Kronos Private Cloud, which houses solutions used by a limited number of our customers. We took immediate action to investigate and mitigate the issue, have alerted our affected customers and informed the authorities, and are working with leading cybersecurity experts,” a Kronos spokesperson told media.

“We recognize the seriousness of the issue and have mobilized all available resources to support our customers and are working diligently to restore the affected services,” the spokesperson added.
It is still possible in most cases to log hours on the offline Kronos timesheet system, though it is unclear when these systems will come back online. “[E]very employee will get paid for every hour they work. We have complete confidence that we will be able to determine how many hours employees work and pay them for those hours and we continue to ask employees to keep time the way they always have,” MTA spokesperson Tim Minton told media.

News of the ransomware incident came after a security flaw in Log4j, software widely used across the internet, was made public late last week, opening many companies’ systems to hackers. Kronos has not confirmed that the ransomware attack is linked to the Log4j vulnerability and did not respond to media requests.
A separate banner on Kronos’ website, which was not part of the HR company’s specific messaging on the ransomware attack, warned about the potential impact of the Log4j vulnerability and noted that the company had “invoked emergency patching processes” to address it. In addition to the potential payroll issues, there are also data privacy concerns. The city of Cleveland said in a statement Monday that Kronos alerted it that sensitive information may have been compromised in the attack. Employee names, addresses and the last four digits of social security numbers may have been stolen by the hackers inside Kronos’ network.
In an FAQ page on its site about the security incident, Kronos said its “investigation is ongoing, and we are working diligently to determine whether customer data has been compromised.”
