Kronos, major HR and payroll service provider, hit with ransomware, warns of a long outage
Kronos, a cloud-based HR management company, announced it was hit by a ransomware attack. Restoring operations could take 'weeks,' the company claims.
The attack prevents Ultimate Kronos Group (UKG) clients from accessing staff management and payroll processing services.
The company claims that initial investigation shows the attack affects Kronos Private Cloud, the portion of UKG business where UKG Workforce Central, UKG TeleStaff, Healthcare Extensions, and Banking Scheduling Solutions are deployed.
"Given that it may take up to several weeks to restore system availability, we strongly recommend that you evaluate and implement alternative business continuity protocols related to the affected UKG solutions," Bob Hughes, UKG's Executive Vice President, wrote in a blog post.
The attack might spell trouble for many companies executing payroll and management services via UKG's services. Due to payroll service inactivity, some clients might be left without pay over the holiday period.
Tesla, Puma, Sainsbury's, and the City of Cleveland are high-profile clients who rely on services affected by the attack.
The company claims it is not aware of any impact on UKG Pro, UKG Ready, UKG Dimensions, or any other UKG products or solutions housed in separate environments and not in the Kronos Private Cloud.
The company noticed the unusual activity on Saturday. Attempts to mitigate the issue led the company to conclude that UKG was experiencing a ransomware attack.
"We are working with leading cyber security experts to assess and resolve the situation, and have notified the authorities. The investigation remains ongoing, as we work to determine the nature and scope of the incident," Hughes wrote.
Cyberattacks are increasing in scale, sophistication, and scope. The last 12 months were ripe with major high-profile cyberattacks, such as the SolarWinds hack, attacks against the Colonial Pipeline, meat processing company JBS, and software firm Kaseya.
The prevalence of ransomware has forced governments to take multilateral action against the threat. It's likely a combined effort allowed to push the infamous REvil and BlackMatter cartels offline and arrest the Cl0p ransomware cartel members.
Gangs, however, either rebrand or form new groups. Most recently, LockBit 2.0 was the most active ransomware group with a whopping list of 203 victims in Q3 of 2021 alone.
An average data breach costs victims $4.24 million per incident, the highest in the 17 years. For example, the average cost stood at $3.86 million per incident last year, putting recent results at a 10% increase.
More from CyberNews
Subscribe to our newsletter