Kronos, a payroll & time management software offered by Ultimate Kronos Group (UKG), has been hit by a ransomware attack that could see parts of the services being unavailable to customers for weeks, Bloomberg reported.
In addition to payroll software, UKG offers a suite of other products, all running on the cloud, to enable companies to manage timesheets & their workforce. Companies such as Tesla, Puma, Kum and Go convenience, MGM International Resorts & city of Cleveland are few of UKG customers, reported Bloomberg. According to its website, it also offers similar services in the healthcare & banking verticals.
In a blog post, UKG said it noticed unusual activity that affecting its offerings as early as Saturday 11 December, which issue was further investigated & looked for ways to alleviate it.
It has since been determined that Kronos Private Cloud (KPC) where the company hosts a suite of its product offerings has been infected with ransomware. The company is still investigating issue to determine the nature & extent of the incident, Executive Vice President Bob Hughes wrote in post.
Affected services include UKG Workforce Central, UKG TeleStaff, Healthcare Extensions & Banking Scheduling Solutions. However, UKG Pro, UKG Ready, UKG Dimensions & some other services that are not hosted on the KPC but in separate environments are not affected, the company said.
As the company works to resolve the issue, it expects system recovery to take a few weeks & has urged its customers to implement their business continuity protocols. UKG has also informed authorities and is working diligently to remedy the situation. An update is expected later today.
Kronos did not provide any details about the ransomware attack or whether it was related to the Log4Shell vulnerability that reported over weekend, Bloomberg reported.
Ransomware attacks against US establishments are on rise across enterprise size.
