A ransomware attack has impacted several Ultimate Kronos Group services that hospitals and other organizations use to manage their employees and payrolls, the HR management company has confirmed. According to an alert issued yesterday by the Health Information Sharing and Analysis Center, UKG has alerted impacted customers that the attack affects the Kronos Private Cloud, which includes UKG Workforce Central, UKG TeleStaff, Healthcare Extensions, and Banking Scheduling Solutions. Many hospitals and health systems depend on Kronos for timekeeping, scheduling and payroll. 

John Riggi, senior advisor for cybersecurity and risk, said, “A lack of the availability of those services could be quite disruptive for health care providers, many of whom are experiencing surges of COVID-19 and flu patients. We have received several reports from the field indicating that some hospitals and health systems have been impacted by this ransomware attack against Kronos. This attack once again highlights the need for robust third-party risk management programs that identify mission-critical dependencies and downtime preparedness. If mission-critical third-party services are made unavailable due to a cyberattack, it may result in disruptions to hospital operations. As such, we urge all third-party providers that serve the health care community to examine their cyber readiness, response and resiliency capabilities.” 
 

Related News Articles

Headline
The Cybersecurity and Infrastructure Security Agency, FBI and National Security Agency yesterday released recommendations to help health care and other…
News
A report by the United Kingdom’s National Health Service is warning of threats leveraging Log4Shell vulnerability in VMware Horizon servers by an unknown cyber…
Headline
Health and Human Services Secretary Xavier Becerra today in a letter to health care and public health leaders urged vigilance against cyber threats posed…
Headline
John Riggi, AHA’s national advisor for cybersecurity and risk, discusses insights and lessons learned from hospital leaders from Dickinson County Healthcare…
Headline
Apache has released a security update to address a second severe vulnerability affecting its Log4j software library, which a remote attacker could exploit to…
Headline
The Cybersecurity and Infrastructure Security Agency has created a webpage to provide the latest public information and vendor-supplied advisories on a…