Human resource management group hit by ransomware attack

Ultimate Kronos Group (UKG), a human resources management provider, was hit by a ransomware attack earlier this week, the company confirmed. 

Kronos Executive Vice President Bob Hughes confirmed the incident in a blog post published Monday. Hughes noted that the company became aware of the breach on Dec. 11 and that it had impacted the Kronos Private Cloud, which includes UKG Workforce Central, UKG TeleStaff, Healthcare Extensions and Banking Scheduling Solutions.

Hughes warned that while the company was working to address the incident, it could result in Kronos Private Cloud systems being impacted for “several weeks.”

The attack could have a widespread impact for several major companies, with UKG’s customers including Tesla, Marriott, Yamaha, Samsung, Revlon, The Container Store and Peet’s Coffee and Tea, among many others. 

“We deeply regret the impact this is having on you, and we are continuing to take all appropriate actions to remediate the situation,” Hughes wrote. “We recognize the seriousness of this issue and will provide another update within the next 24 hours.”

Hughes wrote that Kronos was working with cybersecurity experts and had notified authorities of the breach. 

The incident comes as companies around the world are scrambling to respond to and remediate a vulnerability in Apache logging package log4j, which is being described by top experts as one of the worst vulnerabilities they have seen due to log4j being a fundamental ingredient in the systems of companies worldwide. Malicious hackers, including nation states, have been actively trying to exploit the vulnerability since its discovery late last week.

While it was not immediately clear if the ransomware attack on Kronos was linked to the log4j vulnerability, the company posted a notice on its website that it was “aware” of the issue and was monitoring its systems and third-party software supply chain for any indications of compromise. 

Ransomware attacks have been an increasing thorn in the side of security professionals and have particularly spiked during the COVID-19 pandemic, with hospitals, health care groups and schools among those targeted by hackers. Major attacks on Colonial Pipeline, meat producer JBS USA and IT company Kaseya have also highlighted national security threats posed by ongoing attacks.