Ransomware attack targeting Kronos HR systems will affect the salary and work hours of millions of employees in multiple companies

Cybersecurity specialists report a ransomware infection in Kronos Private Cloud, part of the human resource management services of the technology firm Ultimate Kronos Group (UKG). The incident was confirmed by the firm itself through an email sent to its corporate clients.

In its message, the company says the unusual activity was detected this Saturday night, when its cloud services were temporarily disconnected due to the infection. Users are advised to implement alternative protocols to keep their operations active.

The company also mentions that the system recovery process is already under way, although it could take a couple of weeks or even more than a month. Kronos did not attribute the infection to a specific ransomware group, and so far neither the amount demanded by the hackers nor whether the company decided to pay the ransom is known.

Specialists mention that this incident could seriously impact companies around the world, altering employees’ schedules, making it difficult for companies to maintain their human resources records, and generating some payroll errors.

Kronos solutions are mainly used in the United States and the United Kingdom by companies of various kinds, including clothing stores and supermarket chains such as Sainsbury’s. A spokesman for Sainsbury’s said: “We are in close contact with Kronos as they investigate a systems issue. In the meantime, we have a contingency plan in place to make sure our systems stay active.”

A group of researchers believes that this incident could be related to the exploitation of the recently detected remote code execution (RCE) vulnerability in Log4j, which has been exploited on multiple occasions since its discovery. However, the company has not revealed technical details about the attack.

This is not the only security incident related to Kronos. A couple of years ago, Kronos USA was sued by a nursing home employee who said its fingerprint scanning technology violated multiple existing privacy laws, leading to a public relations scandal for the company.
