
Will my paycheck be affected by the hack? : NPR





A ransomware attack on one of the largest human resources companies could affect how many employees get paid and track their paid time off.

The personnel management company Ultimate Kronos Group (known as Kronos) said that it was hit by a ransomware attack that could keep its systems offline for several weeks.

Companies that depend on the software are working to find backup plans to ensure that employees are paid – including issuing paper checks, some for the first time in several years.

Kronos is widely used around the country by companies and authorities to track employee hours and issue salaries. Its many customers include municipal authorities, university systems and large companies. (NPR also uses Kronos.)

According to a spokesperson for UKG, the ransomware has only affected customers who used a specific product called Kronos Private Cloud.

“We took immediate action to investigate and reduce the problem, alerted our affected customers and informed the authorities, and work with leading network security experts. We recognize the seriousness of the problem and have mobilized all available resources to support our customers and work diligently to restore the affected services,” the spokesman said in a statement to NPR.

Which employers are affected?

Dozens of companies and government agencies announced this week that they had been affected by the attack – a figure likely far below its actual impact, given how ubiquitous Kronos is.

The hack included planning products specifically designed for healthcare, financial institutions and public security workers.

On Monday and Tuesday, many employers told their employees that they were affected – among them the New York Metropolitan Transportation Authority, hospital workers in San Angelo, Tex., and public water workers in Honolulu.

The city of Cleveland, which employs thousands of workers, said in a statement Monday that it was among the employers that relied on the hacked software, along with the Oregon Department of Transportation.

And a number of universities, such as the University of Utah, George Washington University and Yeshiva University in New York, also reported being affected.

How does it affect pay slips?

How much employees are affected depends on how their employers used the software.

Employers who use Kronos to clock employees in and out of shifts can ask workers to track start and end times manually, while companies that rely on Kronos to issue pay slips can send out paper checks for as long as the service is down.

Employers can also choose to issue generic pay slips that compensate employees for a basic number of scheduled hours, instead of the actual hours worked – and later issue corrections as needed.

The Fair Labor Standards Act requires that employers track the hours their employees work regardless of the timekeeping method used (in other words, via Kronos, a manual time card or otherwise), and then pay their employees immediately. Individual states can also control exactly how often these pay slips must be issued.

What about personal information?

When it comes to personal information, it varies by employer which employee information is stored in Kronos – and can therefore be exposed to attackers.

In statements to employees, several companies said they believed the most sensitive personal information, including social security numbers, had not been breached – but the city of Cleveland warned employees that the last four digits of social security numbers could be compromised.

How long before the service is fixed?

The service can be out for “several weeks”, according to a blog post by Bob Hughes, the company’s customer and strategy manager. The post was published on Sunday, although it later became unavailable.

Because the fix may take long enough to affect payroll and planning operations, the company has encouraged employers to find “alternative business continuity protocols” while it works on a solution.

Is this related to Log4j?

On Tuesday, it was not clear how the ransomware attackers managed to take the software offline.

The incident comes on the heels of revelations about a major vulnerability in a piece of software called Log4j that is frequently used with the programming language Java.

The Log4j flaw allows an external hacker to take over a device or system running the software, allowing them to install crypto miners or steal private data, among other things.

Because Java is one of the most widely used programming languages in the world, cybersecurity researchers have warned that the effects could be far-reaching.

It is not yet clear whether the Kronos hack is related to the Log4j vulnerability, said Allan Liska, an intelligence analyst at the cyber security company Recorded Future.

“It is likely that the attacker had been in Kronos for several weeks and started the attack before Log4J was reported. This does not mean that the two are not connected. But the best evidence right now says otherwise,” he told NPR.

Additional reporting by Jenna McLaughlin.


