The image is by Alex Castro.
Some workers are concerned that their last paychecks may be affected by the attack because their payroll provider, Kronos, is dealing with the attack. The incident has left many cities and states trying to come up with a plan to get paychecks out to their workers, and could affect HR operations at many organizations.
One Whole Foods worker told NBC News that they had been to use a paper punch sheet to keep track of their hours and that there was a real fear about their paychecks this Friday.
HR operations around the world have been disrupted.
Ultimate Kronos Group, or UKG, operates a suite of human resources software called Kronos Private Cloud. Initially, the company didn't reveal how severe the issue was, but it did say that it didn't have an estimate when they'd be back online. UKG recommended that customers consider alternative plans for processing time and attendance data.
The company said that it had been the victim of a ransomware attack and that it may take up to several weeks to restore system availability. It said its backups were unavailable.
The city of Denver, MGM Resorts, the YMCA, and New York City's Metro Transit Authority are just a few of the huge names on UKG's list. The Board of Water Supply in San Angelo, Texas, and Honolulu's Emergency Medical Services are among the medical facilities that have been affected.
Some companies have said they will get paychecks out. Whole Foods has said that it will be able to pay its employees on Friday, and the state of West Virginia has said that it will be able to pay workers on the 31st. The City of Cleveland said that employees will keep getting their paychecks, even though some of them may have had their names, addresses, and partial social security numbers compromised.
Some companies have been able to make payments.
Some companies will be missing payroll this week, according to anonymous sources. A post on the Sys admin subreddit gives an insight as to why they are taking so much effort to tally up employee hours and produce and mail checks without UKG.
According to NBC News, UKG hasn't given any information about the ransom or who is behind it. The company claims that the self-hosted versions of the affected applications should work fine, and that it doesn't have evidence that any other product outside of Kronos Private Cloud was affected in any way.
There is speculation that the log4j vulnerability could be linked to the ransomware attack. In an update to the site UKG set up to respond to this incident, the company said there is currently no indication that the two events are related.
Related.
The war on ransomware was won.