
Kronos ransomware attack - Is your company & paychecks affected?

Other Talk "Otterville"

Old 12-15-21, 08:03 PM
  #1  
DVD Talk God
Thread Starter
 
DJariya's Avatar
 
Join Date: Aug 2002
Location: La Palma, CA
Posts: 69,451
Received 1,683 Likes on 1,236 Posts
Kronos ransomware attack - Is your company & paychecks affected?

https://www.nbcnews.com/tech/securit...stmas-rcna8795

A major payroll company has been crippled by ransomware hackers, leaving some companies around the country scrambling to cover employees’ last paychecks before Christmas and many workers wondering if they’ll get paid on time.

Kronos, one of the largest workforce management companies in the U.S., was hit with ransomware Saturday, according to the company's public updates page, and announced Monday that its programs that rely on cloud services — which a number of companies use to pay employees and manage their hours — would be unavailable for “several weeks.”

For many Americans who are paid biweekly, Dec. 17 is the final payday before Christmas.

A spokesperson for Kronos declined to name which ransomware group was responsible, whether the company planned to pay, how much the hackers demanded or to provide a full list of customers that use its cloud services and were affected.

A number of major companies, including Whole Foods, GameStop and Honda, as well as state and local government agencies like the state of West Virginia and city of Cleveland, rely on Kronos for payroll and scheduling services for their employees.

“There is a real fear about our paychecks this upcoming Friday,” said one Whole Foods employee, who requested not to be named out of fear of reprisal.



“Whole Foods has instructed us to use a paper punch sheet to keep track of our hours & our Team Leads have been instructed to hand write the schedule, since the schedule writing system is also down,” she said in an email.

Rachel Malish, a spokesperson for Whole Foods, said that the company sent a memo to employees Wednesday that it had found a way to pay all employees on Friday.

GameStop didn’t respond to requests for comment.



“Like many companies, Honda’s timekeeping system has been impacted by the outage,” Marcos Frommer, a spokesperson for Honda North America, said in an email. “The outage has resulted in a temporary disruption to our payroll reporting system. Honda is taking steps to minimize the impact to our associates. We’re continuing to work closely with UKG to resolve this issue.”

The state of West Virginia, which uses Kronos for most employee agencies, is relying on emergency funding to pay staffers on time, state auditor JB McCuskey said in a news release.

Ransomware, where hackers remotely lock computers and demand a payment to fix them or to not reveal their contents to the public, has become a booming criminal industry. The Biden administration has taken several steps to bolster the country’s cybersecurity efforts, and the Department of Defense recently admitted to occasionally knocking some international ransomware actors offline.

But the underground hacking world is resilient and persists despite those measures, said Brett Callow, an analyst at the cybersecurity company Emsisoft.

“Ransomware nonetheless remains a very big problem, and unfortunately, it’s a problem that’s not likely to be solved anytime soon,” Callow said.

I work for the NFL and they use Kronos and I have to punch in and out.

They were affected by this attack. All systems are currently offline and they said this could take weeks to get back up. And this attack happened when our payroll was being processed. So they had to scramble to get everyone's hours from the last 2 weeks. My boss had to contact me about 2 days of work and my hours.

Is anyone here using Kronos?

Payroll has told us to use manual timesheets for the time being.


Old 12-15-21, 09:35 PM
  #2  
DVD Talk Limited Edition
 
Join Date: Oct 2003
Posts: 6,726
Received 474 Likes on 380 Posts
Re: Kronos ransomware attack - Is your company & paychecks affected?

I'm not affected, but I feel remorse and rage for those who are. These ransomware bandits MUST be stopped. I think either lobotomy, evisceration, being guillotined, or drawing-and-quartering are the only real solutions, barbaric as those methods are, of stopping the menace. Ransomware attack is a far, far worse crime than almost any other, for it truly is a slaughter of the innocents. Where's the support for enacting "draconian" legislation to stop these fucks, either within or without our borders?
The following users liked this post:
JackoOnHisBacko (12-18-21)
Old 12-15-21, 10:02 PM
  #3  
DVD Talk Ultimate Edition
 
Join Date: Mar 2009
Posts: 4,472
Received 163 Likes on 128 Posts
Re: Kronos ransomware attack - Is your company & paychecks affected?

The sad part is, it most likely wasn’t a firewall or technology issue. The first line of defense is always “You”, the user.

Some idiot probably fell for a phishing email or opened an attachment. Ransomware launched.
The following users liked this post:
VinVega (12-18-21)
Old 12-15-21, 11:00 PM
  #4  
DVD Talk Limited Edition
 
Join Date: Oct 2003
Posts: 6,726
Received 474 Likes on 380 Posts
Re: Kronos ransomware attack - Is your company & paychecks affected?

Originally Posted by MLBFan24 View Post
The sad part is, it most likely wasn’t a firewall or technology issue. The first line of defense is always “You”, the user.

Some idiot probably fell for a phishing email or opened an attachment. Ransomware launched.
(digressing)
Well, the onus is still on the company, and their lax security measures. But, that is of course only half the story. It could also be a dullard or unqualified network engineer or system admin who either 1. was an ex-employee and spilled the beans maliciously because of maltreatment by the company, or 2. foolishly left in a back door, mistyped some lines of code which caused a security leak, etc. But, as I've said, you can idiot-proof to about 95% if you're mediocre, the other 5% comes with *expensive* cybersecurity offensive and defensive control. The company's possibly being lax in security is still no one to blame. The "crime of opportunity" and the *ease at which it's accomplished* needs to be curtailed with truly punitive and physical punishment and condemnation of the ransomware hackers themselves. Flash their group name in big red lights. Let the people flay them! It needs to be bloody in order for REAL action to happen to stop them. They need to know it doesn't pay, and will cost them their lives *when* they're caught. The handling with kid gloves and the PC-bullshit doesn't apply to them. Not when millions of people are affected!
Old 12-16-21, 12:10 AM
  #5  
DVD Talk Legend
 
Vibiana's Avatar
 
Join Date: Jan 2006
Location: Living in a van down by the river
Posts: 16,437
Received 522 Likes on 246 Posts
Re: Kronos ransomware attack - Is your company & paychecks affected?

My employer uses ADP, a fact for which I am now profoundly grateful.
Old 12-16-21, 09:02 AM
  #6  
DVD Talk Legend
 
cultshock's Avatar
 
Join Date: Oct 2002
Location: True North Strong & Free
Posts: 17,388
Received 670 Likes on 472 Posts
Re: Kronos ransomware attack - Is your company & paychecks affected?

Originally Posted by Vibiana View Post
My employer uses ADP, a fact for which I am now profoundly grateful.
Mine too, whew! (well, until they eventually get hacked too)
Old 12-16-21, 09:08 AM
  #7  
DVD Talk Legend
 
GoldenJCJ's Avatar
 
Join Date: Oct 2000
Location: Colorado
Posts: 20,611
Received 1,527 Likes on 996 Posts
Re: Kronos ransomware attack - Is your company & paychecks affected?

My last employer used Kronos. From what I remember it was a pretty slick program. If I remember correctly, you could download an app that could handle all your time sheet needs. I wonder if having that app opened them up to easily being hacked.
Old 12-16-21, 09:18 AM
  #8  
DVD Talk Hero
 
Join Date: May 2001
Posts: 43,297
Received 606 Likes on 490 Posts
Re: Kronos ransomware attack - Is your company & paychecks affected?

We also use ADP. Ransomware is a bitch but there are a lot of ways to prevent it and - barring that - mitigate the damage (especially in the era of cloud everything), I wonder what their weak link was.

...I'm also curious what antivirus program they're using.
Old 12-16-21, 09:26 AM
  #9  
DVD Talk Legend
 
milo bloom's Avatar
 
Join Date: May 2001
Location: Chicago suburbs
Posts: 16,560
Received 882 Likes on 669 Posts
Re: Kronos ransomware attack - Is your company & paychecks affected?

Also ADP, we just got our bonuses in fact.

I still get angry that hackers do shit like this instead of digitally erasing debt like medical bills or mortgages.
Old 12-16-21, 09:40 AM
  #10  
DVD Talk Legend
 
EdTheRipper's Avatar
 
Join Date: Nov 2005
Location: Rhode Island
Posts: 15,443
Received 40 Likes on 32 Posts
Re: Kronos ransomware attack - Is your company & paychecks affected?

My company uses Kronos. To pay us for hours worked last week, they just reissued the same exact payment as the week before. It works out okay for full-timers, as most of us have the same hours weekly, but there are employees who were on vacation and ended up with no pay last week or this week. The company is offering loans to anyone affected, or they can choose to ride it out and wait to get paid when things are back up and running. We have a new hire that worked 1 day in his first week and 5 days the following week. A one day paycheck is a hell of a way to make a first impression.

We punch in and out using Kronos and will be able to continue using a manager's card to do so until the time clock runs out of physical memory. We are also signing in and out using a manual timesheet each day.
Old 12-16-21, 10:05 AM
  #11  
DVD Talk Hero
 
Josh-da-man's Avatar
 
Join Date: Sep 2000
Location: The Bible Belt
Posts: 38,215
Received 1,252 Likes on 898 Posts
Re: Kronos ransomware attack - Is your company & paychecks affected?

Originally Posted by milo bloom View Post
I still get angry that hackers do shit like this instead of digitally erasing debt like medical bills or mortgages.
Those probably have better security.

Old 12-16-21, 10:09 AM
  #12  
DVD Talk Hero
 
Nick Danger's Avatar
 
Join Date: Mar 2001
Location: Albuquerque
Posts: 27,479
Received 792 Likes on 519 Posts
Re: Kronos ransomware attack - Is your company & paychecks affected?

Originally Posted by milo bloom View Post
Also ADP, we just got our bonuses in fact.

I still get angry that hackers do shit like this instead of digitally erasing debt like medical bills or mortgages.
Tyler Durden says hello.
The following users liked this post:
milo bloom (12-16-21)
Old 12-16-21, 10:12 AM
  #13  
DVD Talk Ruler
 
General Zod's Avatar
 
Join Date: Sep 2001
Location: Santa Clarita, CA
Posts: 23,106
Received 555 Likes on 346 Posts
Re: Kronos ransomware attack - Is your company & paychecks affected?

Originally Posted by milo bloom View Post
Also ADP, we just got our bonuses in fact.

I still get angry that hackers do shit like this instead of digitally erasing debt like medical bills or mortgages.
Or add an extra digit to everyone's paycheck. Is it really that much to ask?
The following users liked this post:
milo bloom (12-16-21)
Old 12-16-21, 10:12 AM
  #14  
DVD Talk Platinum Edition
 
Join Date: Sep 2012
Posts: 3,338
Received 119 Likes on 106 Posts
Re: Kronos ransomware attack - Is your company & paychecks affected?

Originally Posted by Josh-da-man View Post
Those probably have better security.
Especially financial institutions which are highly regulated by the federal government.

They want to avoid anything resembling a "bank run" of everybody taking out all their cash all at once, or "bank holidays".
Old 12-16-21, 10:13 AM
  #15  
DVD Talk Platinum Edition
 
Join Date: Sep 2012
Posts: 3,338
Received 119 Likes on 106 Posts
Re: Kronos ransomware attack - Is your company & paychecks affected?

Originally Posted by General Zod View Post
Or add an extra digit to everyone's paycheck. Is it really that much to ask?
The feds can do that very easily, by "printing up money".

Old 12-16-21, 11:18 AM
  #16  
DVD Talk Legend
 
LurkerDan's Avatar
 
Join Date: Jan 2000
Location: The People's Republic of Boulder
Posts: 23,278
Received 256 Likes on 185 Posts
Re: Kronos ransomware attack - Is your company & paychecks affected?

I work for state government, and this has impacted us. How, I don't know. I get paid monthly at the end of the month, so I doubt it will affect my check, but don't know if every agency gets paid the same way. We have been assured that we have appropriate backup systems in place to handle this.
Old 12-16-21, 12:10 PM
  #17  
bcd
Senior Member
 
Join Date: Apr 2002
Location: A place with only 3 seasons of Community
Posts: 899
Received 46 Likes on 26 Posts
Re: Kronos ransomware attack - Is your company & paychecks affected?

This has hit us. I recently got a new job within the company and transitioned to salary. We get paid every two weeks and it only has one week of my new salary on the paystub, and no hours from the previous week. Just kind of a shit show.
Old 12-16-21, 12:27 PM
  #18  
DVD Talk Legend
 
Join Date: Aug 1999
Location: behind the eight ball
Posts: 19,582
Likes: 0
Received 120 Likes on 81 Posts
Re: Kronos ransomware attack - Is your company & paychecks affected?

It hit us, but payday is tomorrow so those deposits were already processed. 12/31 will not be delayed, according to the payroll office.
Old 12-16-21, 01:25 PM
  #19  
DVD Talk Ultimate Edition
 
Inhumans99's Avatar
 
Join Date: May 2005
Location: Fremont, CA
Posts: 4,240
Received 147 Likes on 127 Posts
Re: Kronos ransomware attack - Is your company & paychecks affected?

I know that several companies under the IB umbrella got hit, as I work for one of them. Since the hack shut down my electronic Kronos punches at the beginning of the week my hope is that any delay in getting fully paid out for time worked this week will be minimal. It sounds like folks who use a cloud version of Kronos were affected, but yeah....not a good look for Kronos. To be fair, when it works it works, I admit that being able to easily retract PTO requests if necessary, etc., are nice and convenient for me but as this hack proves Ransomware is still very much a tried and true method to try and extort money from some of the larger institutions out there. Doing this hack right before Christmas, the hackers are certainly spiking the ball when it comes to making their point doing this, hitting folks in the pocketbook right before Christmas. It just creates even more negative PR around Kronos.
Old 12-16-21, 02:24 PM
  #20  
DVD Talk Legend
 
AGuyNamedMike's Avatar
 
Join Date: Jul 2000
Location: (formerly known as Inglenook Hampendick) Fairbanks, Alaska!
Posts: 16,493
Received 274 Likes on 191 Posts
Re: Kronos ransomware attack - Is your company & paychecks affected?

Originally Posted by milo bloom View Post

I still get angry that hackers do shit like this instead of digitally erasing debt like medical bills or mortgages.
There's no profit in that, and hacking anymore is primarily a criminal enterprise sponsored and organized by syndicates or even governments.
Old 12-16-21, 03:34 PM
  #21  
DVD Talk Hero
 
Join Date: Aug 1999
Posts: 38,091
Received 1,048 Likes on 814 Posts
Re: Kronos ransomware attack - Is your company & paychecks affected?

So did they figure out whether this is related to the log4j vulnerability, or something completely different?

Because this log4j vulnerability is probably going to be really, really bad.
Old 12-16-21, 03:52 PM
  #22  
DVD Talk Hero
 
Join Date: May 2001
Posts: 43,297
Received 606 Likes on 490 Posts
Re: Kronos ransomware attack - Is your company & paychecks affected?

Definitely possible.

Log4j gives a foothold but other issues would have to be present to escalate to this point. Ransomware seems like it'd be way easier to get through user error and phishing than an actual red team infiltration, imo at least (and especially at an HR company with a lot of clients at the end of the year) but who knows.

I'm sure we'll get more information in a few days.

Last edited by RichC2; 12-16-21 at 04:41 PM.
Old 12-16-21, 03:57 PM
  #23  
DVD Talk Godfather
 
Giantrobo's Avatar
 
Join Date: Apr 1999
Location: Gateway Cities/Harbor Region
Posts: 60,719
Received 821 Likes on 553 Posts
Re: Kronos ransomware attack - Is your company & paychecks affected?

My company used to use Kronos but switched to Workday years ago. Kronos was kinda sucky back then.
Old 12-16-21, 04:39 PM
  #24  
DVD Talk Ultimate Edition
 
Join Date: Mar 2009
Posts: 4,472
Received 163 Likes on 128 Posts
Re: Kronos ransomware attack - Is your company & paychecks affected?

I just realized the state agency I work for launched their annual security training yesterday. Good timing. About a one hour training session. If I don't finish it before the deadline, they will shut off my login access.

One new security risk I learned - "juice jacking" - public USB charging stations can also be a malicious USB data connection

Last edited by MLBFan24; 12-16-21 at 04:46 PM.
Old 12-16-21, 05:21 PM
  #25  
DVD Talk Legend
 
d2cheer's Avatar
 
Join Date: Dec 1999
Posts: 10,872
Received 180 Likes on 126 Posts
Re: Kronos ransomware attack - Is your company & paychecks affected?

Our company got hit. We use Kronos. We are doing the same as someone mentioned, issuing the same checks this week from the previous week. It will get sorted if some are underpaid. Our Company is not concerned about overpaying.





