Ransomware attack threatens paychecks just before Christmas


A large payroll company was paralyzed by ransomware hackers, which resulted in some companies across the country struggling to pay employees’ last paychecks before Christmas, leaving many workers wondering if they are getting paid on time.

Kronos, one of the largest human resource management companies in the US, was hit by ransomware on Saturday company public update page, and announced Monday that its cloud-based programs – which a number of companies use to pay their employees and manage their hours – would be unavailable for “several weeks”.

For many Americans who are paid biweekly, December 17th is the last payday before Christmas.

A Kronos spokesman declined to say which ransomware group was responsible, whether the company was planning to pay, how much the hackers were charging, or providing a full list of customers using its cloud services that were affected.

A number of large corporations including Whole Foods, GameStop, and Honda, as well as state and local government agencies such as the state of West Virginia and City of Cleveland, rely on Kronos for payroll and planning services for their employees.

“We’re very scared of our paychecks next Friday,” said a Whole Foods employee who asked not to be named for fear of reprisals.

“Whole Foods instructed us to use a perforated paper sheet to keep track of our lessons and our team leaders were instructed to handwrite the schedule as the timetable-writing system was also down,” she said in an email .

Rachel Malish, a spokeswoman for Whole Foods, said the company sent a memo to employees on Wednesday that it found a way to pay all employees on Friday.

GameStop did not respond to requests for comment.

A number of healthcare companies and hospitals rely on Kronos for planning and payroll, said John Riggi, senior cybersecurity advisor for the American Hospital Association, an industry group, in a Press release.

“A lack of availability of these services could be quite disruptive to healthcare providers, many of whom are seeing increases in COVID-19 and flu patients. We have received several real-world reports indicating that some hospitals and healthcare systems have been affected by this ransomware attack, ”Riggi said.

“As with many other companies, Honda’s time and attendance system was impacted by the outage,” Marcos Frommer, a Honda North America spokesman, said in an email. “The outage has temporarily disrupted our payroll system. Honda is taking steps to minimize the impact on our employees. We are continuing to work closely with UKG to resolve this issue. “

The state of West Virginia, which uses Kronos for most recruitment agencies, relies on emergency funding to pay its employees on time, state chartered accountant JB McCuskey said in a press release.

Ransomware, where hackers remotely lock computers and demand payment to fix them or not reveal their contents to the public, has become a booming criminal industry. The Biden administration has several steps to bolster the country’s cybersecurity efforts; and the Department of Defense recently approved occasionally beating some international ransomware actors offline.

But the underground hacking world is resilient and persists despite these measures, said Brett Callow, an analyst at cybersecurity firm Emsisoft.

“Ransomware remains a very big problem, and unfortunately it’s a problem that is unlikely to be resolved anytime soon,” said Callow.


Comments are closed.