Human resource products outfit Kronos has confirmed its Kronos Private Cloud has been hit with ransomware that has knocked some of its services offline.
The global supplier of business software said that all its products had been hit. Bob Hughes, executive vice president at Kronos addressed customers on Monday saying the incident was indeed ransomware-related.
Hughes also said “it may take up to several weeks to restore system availability” and that customers should take additional measures to ensure the smooth running of their business while the outage persists. We are working with leading cyber security experts to assess and resolve the situation, and have notified the authorities,” said Hughes. “The investigation remains ongoing, as we work to determine the nature and scope of the incident”, he said.
“We deeply regret the impact this is having on you, and we are continuing to take all appropriate actions to remediate the situation. We recognise the seriousness of this issue and will provide another update within the next 24 hours.”
IT Pro contacted Kronos for further details, including if the company still has access to emails, but it did not reply at the time of publication. It’s also unclear at this time if the ransomware attack was launched via the recently discovered and widely feared Log4Shell Java vulnerability.
According to a Kronos customer success manager replying to a customer in the company’s online help centre, there is currently no indication that any customer data has been compromised in the attack and it has “all available resources deployed to mitigate any loss or access to companies personal data”.