Kronos ransomware attack: The nightmare that could hit paychecks right before Christmas
Kronos, a multinational workforce management platform, has been hit by a ransomware attack that the company said could force its system offline for several weeks.
According to parent company Ultimate Kronos Group (UKG), the attack disrupted Kronos Private Cloud solutions, which stores data for UKG Workforce Central, UKG TeleStaff, Healthcare Extensions, and Banking Scheduling Solutions. Workforce Central is the software that employees use to schedule shifts, log absences, and clock in and out of work. UKG said it became aware of the incident after detecting “unusual activity” on Saturday, and began taking steps to “investigate and mitigate” it. It has since enlisted top cybersecurity experts to resolve the situation, but warned that its software could stay down for a while.
Unfortunately, Kronos boasts a ledger of big-name clients including Tesla, MGM Resorts International, Puma, Sainsbury’s, the YMCA, and the city of Denver. The information-tech-focused website ZDNet reported that multiple companies were unable to process payrolls as of Monday, and other sources said the outage could cause them to miss paychecks leading up to their holiday breaks.
New York’s Metropolitan Transportation Authority, another Kronos client, also revealed Monday that its payroll and shift-keeping systems were inaccessible. Clients were encouraged by Kronos to “implement alternative business continuity protocols” in the meantime. However, those clients also include some small businesses without contingencies in place, which are ill-equipped to rustle up a contract on such short notice.