Human Resources Giant Kronos Suffers Ransomware Attack
Workforce and payroll management service provider Kronos announced a successful ransomware attack on its network. According to the statement released by the company, the aftershocks of the attack may resonate for weeks to come.
Another day – another ransomware attack
Kronos provides human resources and payroll management solutions to a huge number of customers, including companies like Tesla, Puma, Sainsbury's supermarkets as well as universities and city government bodies. Kronos informed customers that they might need to "evaluate and implement alternative business continuity protocols" to use in place of the services affected by the cyber attack.
As it usually happens with this kind of attack, Kronos initially reported "unusual activity" on its Private Cloud services. The company's initial estimation was that the issue will take several days to sort out, but this was updated to likely needing weeks to fix. Solutions offered by Kronos that are not delivered through the Kronos Private Cloud are not affected.
The company also stated that information belonging to some of those big clients may have been illegally accessed during the breach. The initial attack vector used to infiltrate Kronos is still unknown.
Security experts are just as confused about how the breach happened, with ThreatPost quoting Swimlane's Nick Tausek who explains that the attack succeeded despite Kronos Private Cloud using firewalls, encryption of transmitted data, and even multi-factor authentication as a final precaution.
Disgruntled clients seek backup plans
With Christmas week just around the corner, many companies need the solutions they are now left without to process their payroll. Customers who are using the Kronos Private Cloud to manage large organizations were naturally very unhappy with the situation, leaving disgruntled comments and asking for some way to restore at least the very basic functionality they need. Others were unhappy with the lack of any meaningful contingency plan provided by Kronos.