In a severe ransomware attack on Monday, the Ultimate Kronos Group (UKG), a large technology corporation that supplies human resource management solutions to other firms, was hit by a ransomware attack. Several of the firm’s clients have been unable to access their payroll systems as a result of the cyber assault, and the situation is expected to continue for several weeks.
The cyber assault has caused the Kronos Private Cloud to be unavailable, according to the company, which informed its clients and communities through a blog. There are a number of Kronos products hosted in its own cloud, including UKG Workforce Central, UKGTeleStaff, Healthcare Extensions, and Banking Scheduling Solutions.
The ransomware assault was found late on December 11 as a result of an examination into “unusual behavior targeting UKG solutions,” according to the FBI. To “evaluate and rectify the problem,” the United Kingdom Government has enlisted the help of cyber security professionals. An investigation is currently ongoing to investigate the type and breadth of the cyber assault that was launched against the company.
Clients will be unable to use Kronos Private Cloud products until a thorough investigation into the incident has been completed. As UKG points out on its blog, restoring these services may “take many weeks” and that clients should consider using alternate services in the meanwhile.
According to a CNN article emphasizing the event, the ransomware assault has also raised fears about data theft. According to the report, the city of Cleveland issued a statement in which it stated that Kronos had notified it of the danger of sensitive information being compromised as a result of the assault. It is possible that the information obtained from within the Kronos network includes employee names, addresses, and the last four digits of social security numbers, among other things.
This is a problem that UKG does not address in detail on their FAQ page on the event. According to the organization, it is now examining the likelihood of a data theft and is working aggressively “to discover whether or not client data has been stolen.
Even if there hasn’t been any data stolen, which is very improbable if the hackers were able to get access to Kronos’ network, the ransomware assault has rendered payroll systems for a large number of businesses inoperable.
According to CNN, organizations who rely on the Kronos services have had to devise contingency plans in order to pay their employees. Some of them have switched to paper checks, while others are still able to access their payroll systems through creative means. However, in the vast majority of situations, the offline Kronos timesheet system is still operational, and businesses may continue to use it for the time being.