HR management platform Ultimate Kronos Group (UKG) on Monday started notifying customers that it fell victim to a ransomware attack that took down multiple applications over the weekend.
The attack, which took place on Saturday, December 11, 2021, targeted Kronos Private Cloud, a service on which the company runs several of its cloud applications, including Banking Scheduling Solutions, Healthcare Extensions, UKG TeleStaff, and UKG Workforce Central.
“At this time, we are not aware of an impact to UKG Pro, UKG Ready, UKG Dimensions, or any other UKG products or solutions, which are housed in separate environments and not in the Kronos Private Cloud,” the company said.
Kronos says that it continues to investigate the ransomware incident, to determine the nature and scope of the attack.
The company also noted that the Kronos Private Cloud solutions would remain unavailable, warning its corporate customers that it might need weeks to restore systems and have services fully operational.
“Given that it may take up to several weeks to restore system availability, we strongly recommend that you evaluate and implement alternative business continuity protocols related to the affected UKG solutions,” UKG said.
Kronos provides services to numerous organizations worldwide, including state and local government entities, universities, K-12 education, medium and large companies, health services providers, retail chains, and more.
The City of Springfield has confirmed being impacted by the incident, announcing that it has started working on addressing the potential adverse effects the incident might cause, to ensure that employees “will continue to receive their regular scheduled pay.”
“The City of Springfield, which uses Kronos, is taking all appropriate actions necessary to mitigate the impact this incident might potentially have upon the city, including potential disruptions with the recording of city employee schedules/hours for payroll purposes, which are usually kept and recorded in Kronos,” the City of Springfield said.
Related: Ransomware, Trojans, DDoS Malware and Crypto-Miners Delivered in Log4Shell Attacks
Related: Babuk Ransomware Seen Exploiting ProxyShell Vulnerabilities
Related: Ransomware Hit SCADA Systems at 3 Water Facilities in U.S.
More from Ionut Arghire
- Microsoft Cloud Vulnerability Led to Bing Search Hijacking, Exposure of Office 365 Data
- OpenAI Patches Account Takeover Vulnerabilities in ChatGPT
- New Wi-Fi Attack Allows Traffic Interception, Security Bypass
- Casino Giant Crown Resorts Investigating Ransomware Group’s Data Theft Claims
- Over 200 Organizations Targeted in Chinese Cyberespionage Campaign
- Nigerian BEC Scammer Sentenced to Prison in US
- China’s Nuclear Energy Sector Targeted in Cyberespionage Campaign
- 14 Million Records Stolen in Data Breach at Latitude Financial Services
Latest News
- Microsoft Cloud Vulnerability Led to Bing Search Hijacking, Exposure of Office 365 Data
- 3CX Confirms Supply Chain Attack as Researchers Uncover Mac Component
- UK Introduces Mass Surveillance With Online Safety Bill
- Musk, Scientists Call for Halt to AI Race Sparked by ChatGPT
- Malware Hunters Spot Supply Chain Attack Hitting 3CX Desktop App
- LeapXpert Banks $22M Funding to Secure Corporate Messaging With Consumer Apps
- Blockchain Security Firm True I/O Raises $9 Million
- Spera Banks $10 Million to Tackle Identity and Access Sprawl
