Payroll Software Hack - Kronos - What does this mean for you?


Cyber attacks have been on the rise and are becoming increasingly detrimental to companies and their employees. The most recent victim - Kronos. Make sure that you and your company are educated on what this could mean for your business and the livelihood of your employees.


Does your company use Kronos? The Ultimate Kronos Group is an all-in-one HR and workforce management platform with services such as payroll management, time and attendance, and absence and leave. They are widely popular and service high-end companies like Tesla and Yamaha. However, right now they aren’t making headlines because of their clientele. You’ve likely heard that Kronos has been the latest victim of a cybersecurity attack.


According to their website, there has been a log4j vulnerability reported as CVE-2021-44228. What does this mean? This means that they have experienced a ransomware incident affecting the Kronos Private Cloud and they are working with authorities to mitigate and resolve this attack. While doing so, their systems are completely down and inaccessible - possibly for weeks.


If your company uses Kronos, this may be devastating. Not only are employees unable to track time, employers may not be able to run payroll to pay their employees. Kronos is recommending that companies implement alternative means for the next few weeks. At this time it is unclear if any data has been compromised or if any third party softwares have been impacted.


The immediate risk due to this situation is obvious - employees may not be getting paid.


But, what can this mean in the long-term, or for other payroll/HR management-style companies?

  • Continued Cyber Attacks? There is no way to know for sure, but cyber attacks are a real threat and can happen to anyone. Some of the things we are thinking about are the HR nightmares that can come from this type of attack.

  • Data leaks of personal information can cause many issues and be very scary and traumatic for anyone.

  • We’re also wary that if this can happen to Kronos, are other payroll companies next?


What can you do to prepare?

We are advising our clients to reach out to their payroll companies and make themselves aware of what is going on here.

  • Consider what your backup plan would be if this happened in your payroll company.

  • Do you have other options?

  • The Turning Point HCM team is following this closely and our HR experts can help you and prepare you for potential risks.

These cybersecurity attacks can be random and unpredictable. Make sure that you are aware they are happening and put steps in place to do your due diligence in prevention and reaction.


If you have any concerns or aren’t sure exactly how/if this affects you, please visit our website and click the “Ask Liv Now” button for help.