Ransomware hits HR solutions provider Kronos, locking customers out of vital services
2021-12-14 09:41

The end-of-year chaos caused by the revelation of the Log4Shell vulnerability has, for some organizations, been augmented by a ransomware attack on Ultimate Kronos Group, one of the biggest HR and workforce management solutions providers in the US. Many organizations use Kronos for organizing workers' schedules, tracking vacations, processing payroll and bonuses, etc.

"As we previously communicated, late on Saturday, December 11, 2021, we became aware of unusual activity impacting UKG solutions using Kronos Private Cloud. We took immediate action to investigate and mitigate the issue, and have determined that this is a ransomware incident affecting the Kronos Private Cloud - the portion of our business where UKG Workforce Central, UKG TeleStaff, Healthcare Extensions, and Banking Scheduling Solutions are deployed," the notice sent to impacted customers has revealed.

The on-premise installations of the aforementioned solutions are not affected by the attack, and neither are UKG Pro, UKG Ready, UKG Dimensions, or any other UKG products or solutions, because they are not housed in the Kronos Private Cloud.

Customers are, manifestly, not happy with the lack of information and the situation - they were counting on Kronos to have backups and be able to restore the data and services quickly.

James Shank, Sr. Security Evangelist and Chief Architect, Community Services at Team Cymru, noted that having payroll, time, and attendance interrupted by ransomware during this time of year is terrible.

"The Kronos/UKG ransomware event will add to the end of year stress for many of their clients. Ransomware is about extortion, and in this case, the impact and timing make this a huge issue for UKG. This could create nightmare time tracking, scheduling, and payroll processing scenarios. It could not come at a worse time of year," he said, but noted that with the log4j vulnerability impacting many Internet-facing systems, Kronos/UKG may be old news soon.


News URL

https://www.helpnetsecurity.com/2021/12/14/kronos-ransomware/

Related vendor

VENDOR LAST 12M #/PRODUCTS LOW MEDIUM HIGH CRITICAL TOTAL VULNS
Kronos 1 0 3 2 1 6