Here’s how employees can be affected by the Kronos Ransomware attack

  • Kronos Private Cloud was the target of a ransomware attack earlier this week.
  • The attack affected several Kronos services, including workforce management tools such as time cards and payroll.
  • As of Wednesday afternoon, it is unclear whether the ransomware attack is related to vulnerabilities found in Log4j.

Kronos Private Cloud – a workforce management service owned by technology company Ultimate Kronos Group (UKG) – was the target of a ransomware attack that employers say affects their payroll services.

Since the cyber-security incident occurred on Saturday, employers are reporting inability to access several of the product’s core services, including UKG Workforce Central, which helps employers with time cards, attendance and scheduling. Many local government agencies and large corporations such as Whole Foods, Staples, Puma and Tesla rely on ghe Kronos Private Cloud to track their employees’ hours and payroll information

According to a UKG spokesman, the company is working hard to restore the affected services, adding that it recognizes “the seriousness of the problem and has mobilized all available resources” to support its customers.

“We took immediate action to investigate and remedy the problem, have alerted our affected customers and informed the authorities and are working with leading cybersecurity experts,” the UKG spokesman told Insider.

UKG Executive Vice President Bob Hughes wrote in a statement on the company’s customer forum that it may take several weeks to restore the system, urging its customers to use alternatives to workforce management while the cloud is down.

Under the Fair Labor Standards Act, employers are required to track the hours their employees have worked using any timekeeping method. In case of a technical problem, employers can choose to switch to paper time cards to manually track their time or use another electronic timekeeping method.

Those who experience difficulty with pay may also choose to temporarily switch to paper pay slips instead of direct payments or otherwise issue base pay slips to their employees for working hours and correct any pay gaps later.

Still, several concerned employees using Kronos Private Cloud have been taken to social media platforms such as Reddit and Twitter to express concerns about


attacks and their affected payroll information.

Some Redditors expressed concern that personal data items such as name, date of birth, phone number and email address were compromised in the attack, while others on Twitter said they were concerned that their pay slips would not arrive before the Christmas holidays.

The City of Cleveland, Ohio warned employees that the last four digits of their social security number could potentially be compromised, according to a statement released by the city on Monday.

“UKG has informed the city and its other customers that they are working to assess and resolve the situation as soon as possible,” the City of Cleveland said on its website. “In the meantime, the municipality will continue timely payroll processing and ensure that employees receive their pay without interruption.”

In addition, employers including the City of Springfield, Massachusetts, the University of Utah, and George Washington University have reported being affected by the power outage.

As of Wednesday afternoon, it is unclear whether the ransomware attack is related to vulnerabilities found in Log4j, a software often used with Java. The Log4j error allows an external hacker to take over a device or system running the software, according to NPR. With this remote access, the hacker can then install cryptocurrencies or steal private data.

UKG said it was aware of the Log4j vulnerability and had preventive checks in place to detect attempts to exploit its system, according to the company’s website.

However, because Java is one of the most popular programming languages ​​in the world, cybersecurity experts have warned that the effects of the bug may be widespread.

Leave a Comment