Cloud software for Kronos biometric time and attendance systems knocked out by attack
Biometric time and attendance technology provider Kronos has suffered a ransomware attack affecting cloud software including payroll systems, and may take “several weeks” to restore the services, according to ZDNet.
The outage has caused major headaches at firms that rely on Kronos-generated records to process payroll, raising the prospect of missed paychecks in late-December.
Customers of Kronos include the City of Cleveland, Tesla, several U.S. universities, New York’s MTA and Sainsbury’s in the UK.
Worse, the City of Cleveland has informed employees that their data, including names, addresses, partial social security numbers and employee IDs, may have been compromised. Biometric data is not mentioned in the warning.
The MTA told the New York Post that the devices themselves remain functional, allowing employees to continue clocking in and out of work. Not all were doing so in the first place, however, despite the biometric system being implemented to curb rampant fraud in overtime claims.
A message posted to the Kronos community board admitted unusual activity on the Kronos Private Cloud impacting the solutions of its parent, UKG, but the statement was replaced with an error message as of midday on Tuesday.