HR management platform Kronos announced a cyber security incident that has disrupted the Kronos Private Cloud. According to the announcement, the company became aware of an unusual activity that impacts UKG solution which uses Kronos Private Cloud on December 11. The investigation showed that it is a ransomware incident that affected the Kronos Private Cloud which is the portion of its business where UKG Workforce Central, UKG TeleStaff, Healthcare Extensions, and Banking Scheduling Solutions are deployed.
Kronos announced that restoring Kronos Private Cloud can take up to several weeks
The company stated that Kronos Private Cloud solutions are unavailable at the moment and it can take up to several weeks to be able to restore system availability. Kronos also urged users to evaluate and implement alternative business continuity protocols related to the affected UKG solutions. Kronos is currently offering support via its UKG Kronos Community and via our UKG Customer Support Team to provide input on your business continuity plans.
Although the company didn’t share any information about data leakage, some online sources are claiming that some information about the company’s high-profile customers may have been accessed by unauthorized third parties. Kronos’ services are relying on Java mostly, which means the notorious Log4j vulnerability may have caused the incident. Kronos also stated.
« We deeply regret the impact this is having on you, and we are continuing to take all appropriate actions to remediate the situation. We recognize the seriousness of this issue and will provide another update within the next 24 hours. »