HR Software Provider Hit by Ransomware Attack
HR management provider Kronos recently announced that it investigated unusual activity on its Kronos Private Cloud (KPC) platform and was affected by ransomware, temporarily disabling the KPC system. Here is the official statement sent to affected KPC customers on December 13 from Executive Vice President Bob Hughes:
“We are reaching out to inform you of a cyber security incident that has disrupted the Kronos Private Cloud.
As we previously communicated, late on Saturday, December 11, 2021, we became aware of unusual activity impacting UKG solutions using Kronos Private Cloud. We took immediate action to investigate and mitigate the issue, and have determined that this is a ransomware incident affecting the Kronos Private Cloud—the portion of our business where UKG Workforce Central, UKG TeleStaff, Healthcare Extensions, and Banking Scheduling Solutions are deployed. At this time, we are not aware of an impact to UKG Pro, UKG Ready, UKG Dimensions, or any other UKG products or solutions, which are housed in separate environments and not in the Kronos Private Cloud.
We are working with leading cyber security experts to assess and resolve the situation, and have notified the authorities. The investigation remains ongoing, as we work to determine the nature and scope of the incident.
While we are working diligently, our Kronos Private Cloud solutions are currently unavailable. Given that it may take up to several weeks to restore system availability, we strongly recommend that you evaluate and implement alternative business continuity protocols related to the affected UKG solutions. Support is available via our UKG Kronos Community and via our UKG Customer Support Team to provide input on your business continuity plans.
We deeply regret the impact this is having on you, and we are continuing to take all appropriate actions to remediate the situation. We recognize the seriousness of this issue and will provide another update within the next 24 hours.
Thank you for your support and partnership.”
In addition, Kronos advised that other Kronos platforms were not affected by the ransomware attack.
While this attack made headlines, countless others are happening daily to small and midsize organizations, which can inflict heavy damage not only to day-to-day operations and critical infrastructure but to an organization’s reputation in the marketplace.
Continued diligence is recommended to combat ransomware attacks. Securing email, implementing backups, and training your staff on phishing awareness are a few best practices to help strengthen your defenses and recovery strategy. If you have questions, please contact a BKD Cyber Trusted Advisor or submit the Contact Us form below.