Christmas Payroll Fears After Ransomware Hits Software Provider

HR software giant UKG has been hit with a ransomware attack which may take the organization weeks to recover from, potentially imperilling festive season pay packets.

The firm — whose workforce and HR management solutions power countless organizations including Unilever, Marriott, Sainsbury’s and Hermes — said it was struck last week.

“Late on Saturday, December 11, 2021, we became aware of unusual activity impacting UKG solutions using Kronos Private Cloud. We took immediate action to investigate and mitigate the issue, and have determined that this is a ransomware incident affecting the Kronos Private Cloud — the portion of our business where UKG Workforce Central, UKG TeleStaff, Healthcare Extensions, and Banking Scheduling Solutions are deployed,” said EVP Bob Hughes in a community post.

“At this time, we are not aware of an impact to UKG Pro, UKG Ready, UKG Dimensions, or any other UKG products or solutions, which are housed in separate environments and not in the Kronos Private Cloud.”

The firm is working with third-party security experts and has notified the authorities. However, the above Kronos Private Cloud solutions could remain unavailable for some time.

“Given that it may take up to several weeks to restore system availability, we strongly recommend that you evaluate and implement alternative business continuity protocols related to the affected UKG solutions,” Hughes concluded.

“Support is available via our UKG Kronos Community and via our UKG Customer Support Team to provide input on your business continuity plans.”

A series of angry customers took to the community page to ask for more information and complain about a lack of support and contingency planning on the part of UKG.

“For a company your size and for the data being handled, shouldn't Kronos have a contingency plan in case this happened?” asked one.

“Where are the backups, can't the backups be restored? Are the backups stored in the same ‘cloud/space’ as production, that doesn't make sense? A few weeks to be back up and running is unacceptable.”

There have also been reports of payroll disruption among UKG clients, which, given the time of the year, will be a major blow to these companies and their employees.
