A ransomware attack on one of the biggest workforce management software companies has left employers in a number of industries struggling to process staff pay at one of the most critical times of the year for many households.

A number of Kronos platforms have been unavailable since the attack on 11 December, with data centres in Frankfurt, Amsterdam, and the US all hit. It has meant that data on employee working hours has become inaccessible, leaving employers unable to accurately calculate wages owed.

A statement from Ultimate Kronos Group (UKG) said: “UKG is currently mitigating the impact of a ransomware incident affecting a small subset of UKG solutions. It is limited to those instances that are hosted in the Kronos Private Cloud. UKG has engaged with leading cybersecurity experts, notified the authorities, and is proactively communicating with impacted customers. We recognize the seriousness of this issue and are committed to supporting our customers as we work to a resolution.”

Among the companies hit by the incident is UK supermarket chain Sainsbury’s which uses Kronos to log, store and process the hours its employees have worked. It has reportedly lost a week’s work of data relating to the working hours of its 150,000 employees but has assured them that they will be paid before Christmas.

UKG warns that it could take several weeks to fully restore system availability, with back-up systems also being investigated in case they have also been targeted in the malicious attack. In the meantime, it recommends that customers activate their business continuity plans.

Share Story: