Ransomware attack hits major payroll company right before Christmas

Ransomware has been a recurring problem throughout 2021, and the latest attack could be particularly severe for some workers. NBC News reports workforce management heavyweight Kronos has suffered a ransomware attack that could affect its ability to handle hours and payroll at well-known companies like GameStop, Honda and Whole Foods. With many final pre-Christmas paychecks slated to arrive this week, there's a concern some employees might not get paid in a timely fashion when they need it most.

Kronos reported the attack on December 11th, but it wasn't until December 13th the company warned it might take "several weeks" to fully restore functionality. The company didn't identify the perpetrators. It also couldn't completely rule out a connection to the recent Log4j vulnerability, but went through "rapid patching" and supply chain checks to make sure its systems weren't susceptible.

It's not clear how soon hours and payroll functionality might come back. In the meantime, though, companies have had to scramble to find alternatives. Whole Foods told NBC it had found a way to pay staff this week, but Honda only said it was "taking steps" to mitigate any problems. One anonymous Whole Foods worker said teammates had been asked to rely on paper punch sheets and handwritten schedules.

The Kronos incident illustrates the sheer breadth of ransomware victims in recent months, including a meat supplier and a key oil pipeline operator. It also underscores the fragility of modern workplace technology. While a payroll company might not be considered critical infrastructure like food or fuel providers, a cyberattack against it can still deal significant economic damage.

https://www.msn.com/en-us/money/other/ransomware-attack-hits-major-payroll-company-right-before-christmas/ar-AARSwka

The Kronos ransomware attack could leave employers without payroll service for weeks. Here's what employees should know.


Kronos Private Cloud — a workforce management service owned by the technology company Ultimate Kronos Group (UKG) — was the target of a ransomware attack that employers say is impacting their payroll services.

Since the cybersecurity incident arose on Saturday, employers are reporting an inability to access several of the product's core services, including UKG Workforce Central, which aids employers with time cards, attendance, and scheduling. Many local city governments and large companies like Whole Foods, Staples, Puma, and Tesla rely on ghe Kronos Private Cloud to track their employees' hours and payroll information

According to a UKG spokesperson, the company is "working diligently to restore the affected services," adding that it recognizes the "severity of the issue and has mobilized all available resources" to support its customers.

"We took immediate action to investigate and mitigate the issue, have alerted our affected customers and informed the authorities, and are working with leading cybersecurity experts," the UKG spokesperson told Insider.

https://www.msn.com/en-us/news/technology/the-kronos-ransomware-attack-could-leave-employers-without-payroll-service-for-weeks-heres-what-employees-should-know/ar-AARR0v7