Kronos Hit with Ransomware Attack

Based on UKG’s ongoing investigation, this incident appears limited to four hosted solutions in the Kronos Private Cloud. The systems may be offline for weeks.
Anna Wolfe
Senior Editor - Restaurants
Anna Wolfe  profile picture

Human resources company Ultimate Kronos Group (UKG) disclosed that it is a victim of ransomware attack affecting a subset of UKG solutions hosted in the Kronos Private Cloud.

The company said it noticed "unusual activity" on December 11, according to several news reports.

In a written statement to HTa spokesperson for UKG said, “UKG recently became aware of a ransomware incident that has disrupted the Kronos Private Cloud, which houses solutions used by a limited number of our customers. We took immediate action to investigate and mitigate the issue, have alerted our affected customers and informed the authorities, and are working with leading cybersecurity experts. We recognize the seriousness of the issue and have mobilized all available resources to support our customers and are working diligently to restore the affected services.”

According to reports, systems are down and could remain that way for several weeks. According to a FAQ statement on its website, “UKG has engaged with leading cybersecurity experts, notified the authorities, and is proactively communicating with impacted customers. We recognize the seriousness of this issue and are committed to supporting our customers as we work to a resolution.” 

Based on UKG’s ongoing investigation, this incident appears limited to the following hosted solutions in the Kronos Private Cloud: 

  • UKG Workforce Central 
  • UKG TeleStaff 
  • Healthcare Extensions 
  • UKG Scheduling/Workforce Management for Banks (formerly called FMSI/Kronos for Banking Solutions)

“At this time, we believe that instances of these solutions deployed in on-premise/self-hosted environments are not affected,” according to the incident’s FAQ on the company’s site

Far-Reaching Impact

Kronos is widely used - and works with many hospitals, universities and local governments across the country. Its list of notable customers in the hospitality space includes Aramark, Marriott, MGM Resorts, Dave and Busters, and Samsung, to name a few.

Some employers find themselves having to make contingency plans in order to pay workers, such as shifting to paper checks, and some impacted employees have been unable to access payroll systems, reported CNN.

This story will be updated.