UKG Faces Test as Ransomware Hits Kronos Private Cloud


UKG’s Kronos Private Cloud was hit by a ransomware attack over the weekend, knocking out several services that may remain offline for weeks.

According to media reports, UKG has advised affected customers to find alternative workforce management solutions while it resolves the situation. That puts the company in the unenviable position of suggesting that customers road test competing applications because of its own troubles.

.@UKG’s Kronos Private Cloud was hit by a ransomware attack over the weekend, knocking out several services that may remain offline for weeks. #HR #HRTech Click To Tweet

UKG was formed last year by the merger of Ultimate Software and Kronos. The services impacted by the attack were all originally developed for Kronos and manage timekeeping, payroll and employee benefits. The platform also houses analytics tools.

Estimates of the number of customers affected by the attack range into the thousands. UKG said the Private Cloud supports UKG Workforce Central, UKG TeleStaff, Healthcare Extensions and Banking Scheduling Solutions.

Observers point out that the outage couldn’t come at a worse time: If Workforce Central indeed remains offline for an extended period, customers will be forced to scramble to distribute payroll just as their workers head out to do their holiday shopping. Already, said the Boston Globe, companies are searching for ways to record employees’ hours worked and to make payroll. “In some cases that meant returning to pen and paper,” the newspaper said.

Limited Impact

Customers of the Private Cloud include municipalities like the city of Springfield, Mass., the automaker Tesla and retailer Target.

In an email to customers, UKG said it was unaware of any impact to UKG Pro, UKG Ready, UKG Dimensions or other UKG products or solutions. Those, it noted, “are housed in separate environments and not in the Kronos Private Cloud.”

As of Wednesday morning, UKG had not determined whether the incident has impacted customer data. It also said there is no indication that the incident is related to the Log4j vulnerability. In any case, the company said it “initiated rapid patching processes across UKG and our subsidiaries” and began monitoring its software supply chain for indications of potential issues “as soon as [the] vulnerability was reported.”

The incident began two days before UKG kicked off this year’s UKG Connections user conference. At the start of the event, which focuses on products offered pre-merger by Ultimate Software, executives provided a brief update on the Private Cloud outage, although attendees were largely unconcerned. Since their solutions are unaffected, that’s not surprising. 

Image: iStock

Previous articleModern Hire’s Interview Scoring Update Focuses on Bias
Next articleRoundup: Zoom Grows Clovers; Fountain Launches New Solutions