Kronos, a human resources software used by companies to track employee time and attendance, suffered a major ransomware attack this week.

The attack could impact millions of employees at major companies worldwide – and, according to the company, it may take several weeks to resolve the issue.


What You Need To Know

  • Kronos, a human resources software used by companies to track employee time and attendance, was hit with a ransomware attack on Dec. 11

  • The outage may last weeks, according to a company statement

  • The company's clients include Tesla, Samsung, Revlon and Charter Communications, the parent company of Spectrum News

  • UKG, Kronos' parent company, says it is working with cyber security experts and the authorities; The company apologized for the inconvenience and pledged to provide an update in the next 24 hours

A ranswomware attack is when hackers access and lock out an organization's computer systems — then demand payment to unlock them.

In Kronos' case, the attack on its system may affect how many employees across the U.S. and around the world get paid, track their vacations and paid time off.

According to the Ultimate Kronos Group (UKG) website, Kronos counts Tesla, Marriott, Yamaha, Samsung, The Salvation Army, Revlon, Miami Dolphins and Charter Communications, the parent company of Spectrum News, as some of its clients. 

"We are reaching out to inform you of a cyber security incident that has disrupted the Kronos Private Cloud," read a Dec. 13 post from Bob Hughes, UKG's Chief Customer & Strategy Officer, on Kronos' customer support forum. "As we previously communicated, late on Saturday, December 11, 2021, we became aware of unusual activity impacting UKG solutions using Kronos Private Cloud."

"We took immediate action to investigate and mitigate the issue, and have determined that this is a ransomware incident affecting the Kronos Private Cloud — the portion of our business where UKG Workforce Central, UKG TeleStaff, Healthcare Extensions, and Banking Scheduling Solutions are deployed," Hughes continued. "At this time, we are not aware of an impact to UKG Pro, UKG Ready, UKG Dimensions, or any other UKG products or solutions, which are housed in separate environments and not in the Kronos Private Cloud."

Hughes stated that UKG is working with "leading cyber security experts to assess and resolve that situation, and have notified the authorities."

Law enforcement has not said who may be behind the attack. 

The company said it could take several weeks to resolve the issue. 

"While we are working diligently, our Kronos Private Cloud solutions are currently unavailable," Hughes wrote in a blog post on the company's website.

"Given that it may take up to several weeks to restore system availability, we strongly recommend that you evaluate and implement alternative business continuity protocols related to the affected UKG solutions," he added. "Support is available via our UKG Kronos Community and via our UKG Customer Support Team to provide input on your business continuity plans."

The company apologized for the inconvenience and pledged to provide an update in the next 24 hours.

When reached for comment, a UKG spokesperson provided the following link for company updates https://www.ukg.com/KPCupdates.