Hackers disrupt payroll for thousands of employers — including hospitals
A month-old ransomware attack is still causing administrative chaos for millions of people, including 20,000 public transit workers in the New York City metro area, public service workers in Cleveland, employees of FedEx and Whole Foods, and medical workers across the country who were already dealing with an omicron surge that has filled hospitals and exacerbated worker shortages.
In the weeks since the attack knocked out Kronos Private Cloud — a service that includes some of the nation's most popular workforce management software — employees from Montana to Florida have reported paychecks short by hundreds or thousands of dollars, as their employers have struggled to manage schedules and track hours without the help of the Kronos software.
Though Ultimate Kronos Group, the company that makes Kronos, says that it expects systems will be back online by the end of January, affected employers say they don't yet know for sure when they will actually be able to access their systems and information.
The additional burden won't end once Kronos is back: Finance and human resources departments around the country face weeks of additional work bringing the manual records they have collected over a month or more back into the Kronos system. In the most severe cases, that backlog could delay issuing W-2s and other tax information.
"I can say that the timing wasn't the greatest, with end of year tax implications and people, most importantly, looking for their checks," said Paul Patton, the chief human resources officer for the city of Cleveland, which has set up a "war room" of administrative staff working to reconcile pay for the city's 8,000 employees.
Now that the disruption has proven to be major, some employers are considering lawsuits or other legal challenges to their contracts with UKG.
That includes the New York City area's Metropolitan Transportation Authority. MTA has "taken the first steps toward initiating legal action," said Eugene Resnick, an MTA spokesperson.
The hack is disrupting major public and private employers
Thousands of employers rely on Kronos products that were knocked offline, including some of the nation's largest private employers such as FedEx, PepsiCo and Whole Foods. Public employers, such as Prince George's County, Md., and the University of Utah, succumbed too.
About 8 million total employees are affected by the outage.
In Santa Fe, N.M., most of the city's 1,500-plus employees are filling out spreadsheets every two weeks to track their hours, rather than use the cloud-based software timecards that are customized to the needs of each city department.
Workers all across the city are affected by the Kronos outage, from the libraries to the police and fire departments, said Bradley Purdy, the city's chief information security officer.
"Just like everybody else, we're driving them crazy, saying, 'What's the latest?'," said Purdy. "If I was in their shoes, I'd be overly cautious too. They don't want to bring everything back up and all of a sudden have a repeat."
Employers have turned to a variety of manual solutions to cope with the temporary loss of Kronos. Some have asked employees to submit Google Forms every two weeks; others have simply asked employees to send their hours by email.
Others, like the city of Cleveland, have chosen to estimate their workers' hours for now, whether by issuing paychecks based on an employee's scheduled hours, or duplicating paychecks from previous pay periods.
That has resulted in paycheck shortages for some employees, especially those who worked overtime or on holidays. Federal labor law requires those employers to retroactively correct paychecks when they are able.
Health care employers have been hit particularly hard
For health care employers, the timing could not be worse. "A significant number" of the nation's hospital systems and health care employers have been affected by the Kronos outage, said John Riggi, the American Hospital Association's senior advisor for cybersecurity and risk.
One of the Kronos products knocked offline was designed specifically for health care providers to help them manage the complex employee schedules at 24-hour facilities.
The outage is an unneeded administrative nightmare timed precisely as the omicron surge is hitting hospitals, Riggi said.
"If you divert a clinical manager to help manual processing of payroll and timekeeping, obviously that's taking them away from their clinical management duties," said Riggi. "As we always do, hospitals and health systems get it done and care for patients, but under additional stress and burden that they don't need right now."
The attack has affected hospital systems and healthcare employers of all sizes – from small, remote rural hospitals up through urban multi-hospital medical systems, according to the AHA.
Some have struggled to pay workers accurately. Employees across the country have turned to their unions, social media, or local news outlets to report inaccurate paychecks.
Employees of the University of Florida Health system in Jacksonville told local TV station News4Jax that they have not received overtime or holiday pay for six weeks. In Montana, more than 250 nurses at Missoula's Community Medical Center have missed out on pay due to the hospital's decision to pay employees by duplicating an early December paycheck, according to a letter from the Montana Nurses Association reported by The Missoulian.
Affected employers have committed to correcting worker pay once Kronos systems are back online.
But for workers who live paycheck-to-paycheck, losing out on overtime and holiday pay is difficult, even if their pay is eventually corrected.
If the outage is prolonged, what is now a bad situation could become a nightmare for health care systems if workers become so exasperated that they choose to leave for employers whose payroll systems are intact.
Riggi and the American Hospital Association acknowledge that the ultimate responsibility for the disruption belongs to those who launched the ransomware attacks. "But that being said, there is still great disappointment in the field with Kronos, in terms of lack of initial transparency as to the extent of the disruption and in terms of initial backup procedures as well," he added.
UKG isn't saying how this happened and who is responsible
UKG has been tight-lipped on details about the attack and who is responsible. (The incident appears to be unrelated to the recently discovered Log4j vulnerability, the company says.)
"We took immediate action to investigate and mitigate the issue, have alerted our affected customers and informed the authorities, and are working with leading cybersecurity experts," said UKG in a statement shortly after the attack was announced in mid-December.
The company has hired Mandiant, a cybersecurity firm, to conduct an investigation of the incident and West Monroe, a digital consulting firm, to help restore operations.
Ransomware and other cyber attacks on private-sector corporations are increasingly common. President Biden has made combating cybercrime a priority of his administration. The Justice Department indicted two ransomware criminals late last year.
"A pretty juicy target"
As centralized providers of mission-critical software to thousands of employers nationwide, companies like UKG are at constant risk of cyber attacks, experts said.
In the eyes of ransomware attackers, who seek to maximize their leverage to extract as large a ransom as possible, a workforce software provider like UKG during the holiday season would be "a pretty juicy target," said Scott Kannry, the CEO of cybersecurity firm Axio.
"During the most inopportune time for somebody like that to go down, you stand a better chance of getting somebody to cut you a big check to get out of it," he said.
Now, as UKG begins to restore its systems, it will soon face another round of consequences: legal action and lawsuits.
Some of those legal threats may come from employers, such as MTA in New York.
Others will come from workers. After Larry Kroeck, a cafeteria employee at Pittsburgh's Allegheny General Hospital, asked about 54 hours of pay missing from his paycheck, supervisors told him "nothing could be done and there were 2000 other Larry Kroecks with the same problem," according to a lawsuit filed by Kroeck this week that names both UKG and the hospital as defendants.
The hack could potentially have jeopardized personal information
A class-action suit filed last week in the Southern District of Florida alleges more than $5 million in damages stemming from what it calls UKG's "failure to properly secure and safeguard personal identifiable information."
What personal information was breached depends on how individual employers used UKG's various services. Many employers warned their workers that some information is likely in the hands of attackers, including names, contact information and basic employment information.
For some, the breach could be more severe: The city of Cleveland, for instance, warned its employees that the final four digits of their Social Security Numbers were compromised.
A spokesperson for UKG declined to comment on the lawsuits. "Our investigation is still ongoing and we are working diligently with cybersecurity experts to determine whether and to what extent sensitive customer or employee data has been compromised," UKG wrote in a public update on Dec. 28.
Perhaps more simply, the breach may cause UKG to lose customers to its competitors. "Ransomware, more than the cost of anything else, just hurts your reputation," said Purdy, the information security official for the city of Santa Fe.
Workforce management software is traditionally "sticky," a term in the software industry that means it can be difficult for customers to switch to a competitor. But experts said that the length and severity of the disruption will have employers taking a second look, even if they ultimately choose to stay with Kronos.
"I'm sure everybody's going to be looking at their contract a little closer," said Purdy. "And when those contracts come up for renewal, they're going to make sure there's a lot more language on what to do in this kind of scenario."