Connect with us

Hi, what are you looking for?

SecurityWeekSecurityWeek

Cybercrime

HR Management Firm Kronos Needs Weeks to Recover From Ransomware Attack

HR management platform Ultimate Kronos Group (UKG) on Monday started notifying customers that it fell victim to a ransomware attack that took down multiple applications over the weekend.

HR management platform Ultimate Kronos Group (UKG) on Monday started notifying customers that it fell victim to a ransomware attack that took down multiple applications over the weekend.

The attack, which took place on Saturday, December 11, 2021, targeted Kronos Private Cloud, a service on which the company runs several of its cloud applications, including Banking Scheduling Solutions, Healthcare Extensions, UKG TeleStaff, and UKG Workforce Central.

“At this time, we are not aware of an impact to UKG Pro, UKG Ready, UKG Dimensions, or any other UKG products or solutions, which are housed in separate environments and not in the Kronos Private Cloud,” the company said.

Kronos says that it continues to investigate the ransomware incident, to determine the nature and scope of the attack.

The company also noted that the Kronos Private Cloud solutions would remain unavailable, warning its corporate customers that it might need weeks to restore systems and have services fully operational.

“Given that it may take up to several weeks to restore system availability, we strongly recommend that you evaluate and implement alternative business continuity protocols related to the affected UKG solutions,” UKG said.

Kronos provides services to numerous organizations worldwide, including state and local government entities, universities, K-12 education, medium and large companies, health services providers, retail chains, and more.

The City of Springfield has confirmed being impacted by the incident, announcing that it has started working on addressing the potential adverse effects the incident might cause, to ensure that employees “will continue to receive their regular scheduled pay.”

Advertisement. Scroll to continue reading.

“The City of Springfield, which uses Kronos, is taking all appropriate actions necessary to mitigate the impact this incident might potentially have upon the city, including potential disruptions with the recording of city employee schedules/hours for payroll purposes, which are usually kept and recorded in Kronos,” the City of Springfield said.

Related: Ransomware, Trojans, DDoS Malware and Crypto-Miners Delivered in Log4Shell Attacks

Related: Babuk Ransomware Seen Exploiting ProxyShell Vulnerabilities

Related: Ransomware Hit SCADA Systems at 3 Water Facilities in U.S.

Written By

Ionut Arghire is an international correspondent for SecurityWeek.

Click to comment

Trending

Daily Briefing Newsletter

Subscribe to the SecurityWeek Email Briefing to stay informed on the latest threats, trends, and technology, along with insightful columns from industry experts.

Understand how to go beyond effectively communicating new security strategies and recommendations.

Register

Join us for an in depth exploration of the critical nature of software and vendor supply chain security issues with a focus on understanding how attacks against identity infrastructure come with major cascading effects.

Register

Expert Insights

Related Content

Application Security

Cycode, a startup that provides solutions for protecting software source code, emerged from stealth mode on Tuesday with $4.6 million in seed funding.

Cybercrime

The changing nature of what we still generally call ransomware will continue through 2023, driven by three primary conditions.

Cybercrime

As it evolves, web3 will contain and increase all the security issues of web2 – and perhaps add a few more.

Cybercrime

A recently disclosed vBulletin vulnerability, which had a zero-day status for roughly two days last week, was exploited in a hacker attack targeting the...

CISO Strategy

SecurityWeek spoke with more than 300 cybersecurity experts to see what is bubbling beneath the surface, and examine how those evolving threats will present...

Cybercrime

Luxury retailer Neiman Marcus Group informed some customers last week that their online accounts had been breached by hackers.

CISO Conversations

Joanna Burkey, CISO at HP, and Kevin Cross, CISO at Dell, discuss how the role of a CISO is different for a multinational corporation...