Some Kronos Customers Face Payroll, Scheduling Disruptions From Hack

A ransomware attack on HR management software program provider Best Kronos Team could knock offline for weeks the cloud-primarily based options that buyers use to regulate payroll and personnel scheduling.

UKG has disclosed it turned conscious on December 11 of “unusual activity” affecting its Kronos Private Cloud company and experienced established it was a ransomware incident. Kronos Personal Cloud consists of such goods as UKG Workforce Central, UKG TeleStaff, Healthcare Extensions, and Banking Scheduling Solutions.

‘Given that it may choose up to a number of weeks to restore program availability, we strongly propose that you assess and apply alternate small business continuity protocols similar to the influenced UKG alternatives,” the firm recommended shoppers.

Solutions that are not housed in the Kronos Non-public Cloud, like UKG Pro, UKG All set, and UKG Dimensions, have been not impacted by the hack.

The Boston Globe documented that “HR departments have been scrambling to obtain approaches to document employees’ hrs worked and make sure they bought paid out. In some scenarios that meant returning to pen and paper.”

“This assault drives property the require to not only have, but also to practice, catastrophe-restoration and continuity-of-operations ideas that can be enacted speedily and proficiently,” Erich Kron, a protection awareness advocate at KnowBe4, explained to Threatpost.

“The additional intensely reliant companies are on technical solutions, even those people in the cloud, the more important it will become to have a prepare to run devoid of these services, even for a quick time,” he claimed.

Best Kronos was fashioned final 12 months when Lowell, Mass.-primarily based Kronos, a pioneer in on the internet payroll and scheduling companies, merged with its Florida rival, Greatest Computer software, in a $22 billion deal.

Its do the job administration computer software is utilised by dozens of big organizations, community governments, and enterprises, together with the Metropolis of Cleveland, Tesla, Temple University, Clemson University, U.K. grocery store chain Sainsburys, and New York’s Metropolitan Transportation Authority.

The City of Cleveland said UKG advised them and other clientele that the ransomware assault may have compromised worker facts like names, addresses, social security quantities, and worker IDs.

Even if UKG decides to pay back the ransom, Allan Liska, an intelligence analyst at cybersecurity organization Recorded Future, claimed it can get days to negotiate a settlement with the attackers and set together the money.

Kronos Private Cloud, ransomware, program, Ultimate Kronos Group, workforce administration