Updated: Kronos Private Cloud has been hit by a ransomware attack. Kronos ransomware attack impacts major Maine employers. We deeply regret the impact this is having on you, and we are continuing to take all appropriate actions to remediate the situation. On December 13, 2021, workforce management solutions company Ultimate Kronos Group ("UKG") announced that it had suffered a ransomware attack two days earlier. Clients of Kronos are getting upset. A recent ransomware attack on third-party payroll and timekeeping software provider Kronos has led to several wage-and-hour class actions in recent weeks against everyone from PepsiCo to The Giant Company, alleging that the hack resulted in overtime pay violations for hourly workers. The company released this statement on Monday about a Kronos ransomware attack. Employees have been instructed that starting Sunday, Jan. 16, 2022, they are to resume using Kronos for entering time and leave. Kronos ransomware attack could disrupt HR services for 'weeks' - KSDK. Like malware and computer viruses themselves, the consequences of cyberbreaches have a way of spreading in unpredictable ways. Puma was a Kronos Private Cloud customer, and affected employees are in the process of being notified, hence the filing with the Maine AG's office.
Going into the article, it reads that "A month old ransom attack is still causing administrative chaos for millions of people, including 20,000 public transit workers in the New York City Metro area." Its press release simply states it became aware of "unusual activity impacting UKG solutions using Kronos Private Cloud" and "took immediate action" and determined it was a ransomware attack. When experts come in and assess these companies, they notice they're not doing enough. The number of customers affected by the ransomware attack is less than 5%, or about 2,500 of the total number of customers, according to a source familiar with the firm. You may not be a direct Kronos customer, but that does not mean that the data that you have provided to a third party has not made its way onto a cloud-based platform. Looking at some of the contracts that Kronos had with cities and other public entities, Warner found that they require "gross negligence or willful misconduct" to hold the company liable, he said. As of late August, they were trying to extort the company into paying ransom for it, threatening to release the files on a leak site if the German company didn't pay up. A month-old ransomware attack that took down Kronos Private Cloud continues to cause problems for companies that use the popular workforce management software.
Kronos ransomware attack raises questions of vendor liability. Within the UKG Ready application, under the document tree, the notes are under Payroll / Release Notes / Legislative Updates and are labeled as follows: PR - Legislative Update - 2023/02 - February. It is also being reported that personal information on employees has been compromised. Kronos attack fallout continues with data breach disclosures. seriousness of this issue and will provide another update within the next 24 hours. One thing is for sure: Kronos may be the first large HR vendor to fall victim to a ransomware attack, but it's unlikely to be the last. This is going to be an update as to why that is and what is going on and what this could . In September, The Record reported that one of those customers was Puma, the sportswear manufacturer. We saw two in December, January with Kronos and another company called Schedulefly that did this with restaurants. Kronos ransomware attack impacting hospitals and health systems. The Kronos outage has affected at least eight million employees in the United States, including workers at FedEx, Pepsi, Whole Foods and Puma, as well as several healthcare providers in Florida and across the southeast United States. Puma was one of two customers who had employee PII compromised as a result of that incident.
Many companies use Kronos for time clock management and to help process payroll checks. The University of Arkansas for Medical Sciences uses Kronos timekeeping systems affected by the outage. Widely-Used Kronos Payroll Provider Down for "Weeks" Due to Ransomware. Now, a lot of people took that to mean go find another payroll provider, which I'm sure a lot of people have at this point. Lawsuits are coming and the idea here is, is that people are going to get sued. HR management company Ultimate Kronos . The impacted HR-related applications are used by UKG's customers to . The agency placed a premium on low cost, high impact security efforts, which account for more than 40% of the goals. "About 8 million total employees are affected by the outage." The attack has led to an outage expected to last weeks, leaving companies scrambling to make . Workers are NOT obligated to wait for their wages and other payments because the employer chose a software or other service provider that had lax and insufficient cybersecurity. The author is Regional Director (APAC) at Array Networks. January 14, 2022 - HR management solutions . Kronos Cyber Attack Sparks Lawsuits Against Employers. The Kronos outage caused many employers to be unable to process paychecks in the usual manner.
Responding to the Kronos Cyber Attack - The National Law Review. Customers were already seething over the company's lack of communication as the weekend unwound following the Saturday, Dec. 11 discovery of the attack. The cyber experts see things like this that happen where companies just don't do enough and then they end up in the network. We recommend that clients maintain detailed records regarding expenses incurred due to manual timekeeping or payroll processes. The university reverted to paper timesheets, said Leslie Taylor, a spokeswoman for the school. As we discussed in a prior post (here), the company that sells time-keeping and payroll software called Kronos suffered a cyber- and ransomware attack that shut down and continues to cause disruptions for its cloud-based computer systems. Some complaints allege the defendant employer made the economic burden of the Kronos hack fall on frontline workers, average Americans, who rely on the full and timely payment of their wages to make ends meet. Similarly, another complaint read, "[b]ecause PepsiCo could not access Plaintiffs' and the members of the putative Class and Collectives' time records during the outage period, and because PepsiCo failed to adopt and have in place a functional back-up plan for recording hourly employee time and timely processing hourly employee payroll, PepsiCo could not, and did not, accurately pay its hourly employees during the outage period." The class actions, according to the complaints, seek to recover the unpaid wages and other damages owed by [defendant] to all these workers, along with the penalties, interest, and other remedies provided by federal and [state] law. The case was filed in the U.S. District Court in the Northern District Court of California. It's unclear how many customers were affected.
They're not following a framework or they're not following the complete framework and everything that you need to do in order to be cyber resilient and withstand these attacks and these things that cyber criminals are doing. "If they're using a third-party provider, and it doesn't get the job done, they're responsible for making payroll." An announcement will be posted when the update has been done. Where: The Kronos hack affects organizations and employees throughout . On Thursday evening, a company spokesperson pointed Threatpost to an FAQ that states that the company is working with Mandiant and West Monroe to test and continually harden our environment.