Kronos ransomware attack continues to hit payroll processing

A ransomware attack on one of the biggest workforce management software companies has left employers in a number of industries struggling to process staff pay at one of the most critical times of the year for many households.

A number of Kronos platforms have been unavailable since the attack on 11 December, with data centres in Frankfurt, Amsterdam, and the US all hit. It has meant that data on employee working hours has become inaccessible, leaving employers unable to accurately calculate wages owed.

A statement from Ultimate Kronos Group (UKG) said: “UKG is currently mitigating the impact of a ransomware incident affecting a small subset of UKG solutions. It is limited to those instances that are hosted in the Kronos Private Cloud. UKG has engaged with leading cybersecurity experts, notified the authorities, and is proactively communicating with impacted customers. We recognize the seriousness of this issue and are committed to supporting our customers as we work to a resolution.”

Among the companies hit by the incident is UK supermarket chain Sainsbury’s which uses Kronos to log, store and process the hours its employees have worked. It has reportedly lost a week’s work of data relating to the working hours of its 150,000 employees but has assured them that they will be paid before Christmas.

UKG warns that it could take several weeks to fully restore system availability, with back-up systems also being investigated in case they have also been targeted in the malicious attack. In the meantime, it recommends that customers activate their business continuity plans.

    Share Story:


Cyber risk in the transportation industry
The connected nature of the transport and logistics industries makes them an attractive target for hackers, with potentially disruptive and costly consequences. Between June 2020 and June 2021, the transportation industry saw an 186% increase in weekly ransomware attacks. At the same time, regulations and cyber security standards are lacking – creating weak postures across the board. This podcast explores the key risks. Published April 2022.

Political risk: A fresh perspective
CIR’s editor, Deborah Ritchie speaks with head of PCS at Verisk, Tom Johansmeyer about the confluence of political, nat cat and pandemic risks in a world that is becoming an increasingly risky place in which to do business. Published February 2022.