Payroll program Kronos hit with ransomware, warns of weekslong outage

2 years ago 271

Generic hacking computer (Bill Hinton, Getty Images)

JACKSONVILLE, Fla. – If your company’s quality resources section uses the programme Kronos, it could instrumentality respective weeks earlier its systems to beryllium afloat restored owed to a ransomware attack.

The HR absorption institution wrote successful a memo astir the incidental that disrupted the “Kronos Private Cloud.” It’s suggested that companies who usage its work should trust connected an alternate until its fixed.

“We are moving with starring cyber information experts to measure and resoluteness the situation, and person notified the authorities,” Bob Hughes, the company’s enforcement vice president, wrote successful the memo. “The probe remains ongoing, arsenic we enactment to find the quality and scope of the incident.”

Kronos said it archetypal noticed antithetic enactment connected precocious Saturday, taking enactment successful an effort to mitigate the issue. So far, it hasn’t been capable to merchandise a circumstantial restoration time.

Baptist Health, headquartered successful Jacksonville, said it made adjustments aft learning of the malware enactment Saturday. It said successful a statement:

“After learning that Kronos experienced a planetary outage connected Saturday, Dec. 11, 2021, we implemented downtime protocols to guarantee payroll would proceed without interruption. All squad members volition beryllium paid connected their usually scheduled payday connected Friday, Dec. 17.”

Chris Hamer, a freelance net networking information consultant, describes what malware is.

“A portion of malicious bundle that volition infect your web oregon your machines, and it tin hap a fig of antithetic ways. It’s not ever the extremity users fault, but its occurrence is based connected either relaxed information oregon idiosyncratic who has mode excessively overmuch access,” Hamer said.

Hamer says it lone takes 1 idiosyncratic clicking a atrocious link.

“A network, if it’s configured properly, volition defy 1 attack, 100 attacks 1,000 attacks. It doesn’t care. It was told not to let this entree to a user. All they person to bash is marque 1 mistake. All we person to bash is click 1 email that came from idiosyncratic that had an attachment,” Hamer said.