Kronos ransomware: A cyberattack using ransomware hitting one of the biggest human resources firms could have a negative impact on how employees are paid, how they clock in for work and track their paid time off.
HR management firm Ultimate Kronos Group confirmed a ransomware attack that affected the various services used by companies in order to control their workers as well as payrolls.
The breach that UKG discovered on Saturday, affected its Kronos Private Cloud, which comprises UKG Workforce Central, UKG TeleStaff, Healthcare Extensions, and Banking Scheduling Solutions, said UKG.
“We have been working with the top cybersecurity experts in order to analyze and address the issue, and have informed the police,” said Bob Hughes the executive vice president of UKG, in a blog post on the website of the company. “The investigation continues while we identify the cause and extent that the issue has.”
A new title to Elon Musk: Billionaire is Time magazine’s Person of The Year.
We’ve got everything we’ve learned to date:
How long will it take before it’s fixed?
UKG announced that all services connected directly to Kronos Private Cloud are currently not available which could mean it takes several weeks before the service is restored. The company suggests that customers think about “alternative business continuity procedures” that are related to the Kronos services they’ve used.
In a statement issued on today, UKG said any time clocks that companies use still record and save data when employees are offline until the connection is restored.
How do I find log4j? Does it have any connection?
Log4j is a well-known software for logging Java software, which is used in games such as “Minecraft” as well as financial and banking applications, claims Jon Clay, vice president of security for Trend Micro. A serious vulnerability was found within the program as well as according to security company Trend Micro, this vulnerability has already been exploited. The flaw is deemed to be grave because the software is utilized in a broad array of devices using Java software.
“Organizations and users must immediately patch any software or systems that are affected by this issue,” said Clay.
This vulnerability is connected to the incident with Kronos? UKG stated that there is no evidence of a connection.
“We are currently investigating whether or not there’s any connection between the security issue mentioned above and the vulnerability Log4j,” UKG said in its latest update. UKG in its most recent update.
What are the responses of affected companies?
In a press release issued on Monday morning, the University of Utah said it has formed an advisory committee to study the extent to which the ransomware attack could be affecting their systems.
“Paychecks are distributed on a time, but there could be changes at the later time to reflect any changes that are needed,” said the university.
The City of Cleveland said its employees will continue to get paid regardless of the attack, according to local reports.
In a statement on Monday, Springfield, Massachusetts. One of Krono’s customers stated that records of the city’s employees’ hours and schedules could be affected by the attack.
“The City of Springfield would like to assure all employees of the city that contingency plans to record employee hours and schedules will be put in place to minimize any negative consequences the incident could cause and ensure that employees be paid their regular paid schedule,” said the city in an announcement.