Security Experts:

HR Management Firm Kronos Needs Weeks to Recover From Ransomware Attack

HR management platform Ultimate Kronos Group (UKG) on Monday started notifying customers that it fell victim to a ransomware attack that took down multiple applications over the weekend.

The attack, which took place on Saturday, December 11, 2021, targeted Kronos Private Cloud, a service on which the company runs several of its cloud applications, including Banking Scheduling Solutions, Healthcare Extensions, UKG TeleStaff, and UKG Workforce Central.

“At this time, we are not aware of an impact to UKG Pro, UKG Ready, UKG Dimensions, or any other UKG products or solutions, which are housed in separate environments and not in the Kronos Private Cloud,” the company said.

Kronos says that it continues to investigate the ransomware incident, to determine the nature and scope of the attack.

The company also noted that the Kronos Private Cloud solutions would remain unavailable, warning its corporate customers that it might need weeks to restore systems and have services fully operational.

“Given that it may take up to several weeks to restore system availability, we strongly recommend that you evaluate and implement alternative business continuity protocols related to the affected UKG solutions,” UKG said.

Kronos provides services to numerous organizations worldwide, including state and local government entities, universities, K-12 education, medium and large companies, health services providers, retail chains, and more.

The City of Springfield has confirmed being impacted by the incident, announcing that it has started working on addressing the potential adverse effects the incident might cause, to ensure that employees “will continue to receive their regular scheduled pay.”

“The City of Springfield, which uses Kronos, is taking all appropriate actions necessary to mitigate the impact this incident might potentially have upon the city, including potential disruptions with the recording of city employee schedules/hours for payroll purposes, which are usually kept and recorded in Kronos,” the City of Springfield said.

Related: Ransomware, Trojans, DDoS Malware and Crypto-Miners Delivered in Log4Shell Attacks

Related: Babuk Ransomware Seen Exploiting ProxyShell Vulnerabilities

Related: Ransomware Hit SCADA Systems at 3 Water Facilities in U.S.

view counter