Kronos ransomware attack: The nightmare that could hit paychecks right before Christmas

Kronos, a multinational workforce administration platform, has been hit by a ransomware assault that the corporate mentioned could pressure its system offline for a number of weeks.

According to mum or dad firm Ultimate Kronos Group (UKG), the assault disrupted Kronos Private Cloud options, which shops information for UKG Workforce Central, UKG TeleStaff, Healthcare Extensions, and Banking Scheduling Solutions. Workforce Central is the software program that workers use to schedule shifts, log absences, and clock out and in of labor. UKG mentioned it turned conscious of the incident after detecting “uncommon exercise” on Saturday, and started taking steps to “examine and mitigate” it. It has since enlisted high cyber-security specialists to resolve the state of affairs, however warned that its software program could keep down for some time.

Unfortunately, Kronos boasts a ledger of big-name purchasers together with Tesla, MGM Resorts International, Puma, Sainsburys, the YMCA, and the town of Denver. The information-tech-focused web site ZDNet reported that multiple companies were unable to process payrolls as of Monday, and different sources mentioned the outage could trigger them to overlook paychecks main as much as their vacation breaks.


New York’s Metropolitan Transportation Authority, one other Kronos shopper, also revealed Monday that its payroll and shift-keeping techniques had been inaccessible. Clients had been inspired by Kronos to “implement various enterprise continuity protocols” within the meantime. However, these purchasers additionally embrace some small companies with out contingencies in place, that are ill-equipped to rustle up a contract on such quick discover.

But if that wasn’t dangerous sufficient, the assault may have compromised private info. The metropolis of Cleveland, yet one more Kronos shopper, instructed native information station WKYC that it received an alert from UKG that some workers’ names, addresses, and final 4 social safety digits could have been stolen. UKG mentioned its investigation continues to be ongoing.

The cloud supplier has not mentioned which ransomware group was behind the assault, however some analysts speculate it’s linked to the Log4Shell flaw, which was discovered final week exploited in Minecraft servers, and is already being described as one of the critical threats ever seen. Found inside Log4J, an open-source Java-based logging framework, it’s a zero-day vulnerability—that means it’s been disclosed however not patched—that lets malicious actors, even these with low ability units, run nearly any code within the wild. Most troublingly, Log4J is ubiquitous, utilized by large web corporations like Amazon, Cloudflare, Steam, Twitter, and Baidu. Hopefully, they’re all hustling to engineer fixes before it’s too late.

If not, the results could be dire. In 2017, an analogous vulnerability was exploited to breach shopper credit score company Equifax, compromising information from over 100 million prospects. Equifax has since been ordered to pay $77.5 million to these affected in a class-action lawsuit.


Show More

Related Articles

Leave a Reply

Your email address will not be published.

Back to top button