Ultimate Kronos Group (UKG), a major technology firm that provides human resource management solutions to other companies, experience a critical ransomware attack on Monday. The cyber attack has left several clients of the firm unable to access their payroll systems and the situation can possibly last for weeks to come.
Notifying its clients and communities in a blog, the firm has revealed that the cyber attack has disrupted the Kronos Private Cloud. Kronos Private Cloud houses a range of solutions by the company, including UKG Workforce Central, UKGTeleStaff, Healthcare Extensions, and Banking Scheduling Solutions.
The ransomware attack was discovered following an investigation of “unusual activity impacting UKG solutions” late on December 11. UKG is now working with cyber security experts to “assess and resolve the situation.” An investigation is underway to determine the nature and scope of the cyber attack.
Until an evaluation of the situation comes out, Kronos Private Cloud solutions will remain unavailable for clients. In its blog, UKG hints that “it may take up to several weeks” to restore these services, and recommends its clients to use alternatives to these services till that time.
A report by CNN highlighting the incident shares that the ransomware attack has also led to concerns of data theft. The report cites a statement by the city of Cleveland, mentioning that Kronos had alerted it of a possibility of sensitive information being compromised in the attack. This information may include employee names, addresses and the last four digits of social security numbers, all stolen from inside the Kronos network.
UKG sheds little light on this concern on its FAQ page around the incident. As per the company, it is currently investigating the possibility of a data theft, as its works diligently “to determine whether customer data has been compromised.”
Even if there has been no data theft, which is highly unlikely if the hackers managed to make their way to Kronos’ network, the ransomware attack has left payroll systems of many companies unusable. CNN reports that companies using the Kronos services have had to make contingency plans to pay workers. Some of them have shifted to paper checks, while others still find ways to access their payroll systems. In most cases, however, the offline Kronos timesheet system is still working and companies can keep using it for the time being.