Payroll of Healthcare Organizations Endangered by Kronos Ransomware Attack

The number of healthcare companies impacted by the new ransomware attack on Kronos has been rising over the last couple of days. Seven healthcare organizations have already confirmed that they were affected by the attack.

Kronos is an employee management and human capital management system provider located in Lowell, MA that numerous healthcare providers use for payroll, appointment, and other services. On December 11, 2021, Kronos identified abnormal activity within its systems used inside the Kronos Private Cloud. Steps were quickly taken to investigate the activity and prevent any suspicious access. It was readily confirmed to be a ransomware attack that impacted portions of its cloud system where Ultimate Kronos Group (UKG) solutions are hosted, such as UKG TeleStaff, Banking Scheduling, UKG Workforce Central, and Healthcare Extensions.

UKG stated it engaged a top-rated cybersecurity agency to evaluate and mitigate the attack, and the inquiry into the breach is continuing. The impacted services remain offline, and Kronos has strongly recommended that its clients evaluate and use alternate business continuity practices for the affected UKG solutions because it may require a number of weeks to restore system availability.

Seven healthcare company clients have recently confirmed that the ransomware attack impacted them. They are: UF Health, Allegheny Health Network, Ascension, Shannon Medical Center, Highmark Health, Franciscan Missionaries of Our Lady Health System, and Baptist Health.

Shannon Medical Center based in San Angelo, TX, UF Health in Gainesville, FL, Baptist Health based in Jackson, FL, and Ascension St. Vincent Hospital in Indianapolis, IN stated that payroll was affected and that they have used different systems to make certain their workers are paid, whereas Allegheny Health Network based in Pittsburgh, PA, and Highmark Health explained they are doing all they can to make sure staff members are compensated by the due date.

Franciscan Missionaries of Our Lady Health System in Baton Rouge, LA used Kronos for timekeeping and scheduling and has switched to emergency downtime operations to make certain there is no problem with its services.

The American Hospital Association (AHA) stated it has received a few reports from members verifying they were impacted and are working to lessen interruption. A lack of availability of those solutions may be quite troublesome for health care companies, most of whom are encountering spikes of COVID-19 and influenza patients, said AHA senior advisor for cybersecurity and risk, John Riggi. This attack once more demonstrates the requirement for strong third-party risk management programs that determine mission-critical dependencies and downtime readiness. In case mission-critical third-party services are made inaccessible as a result of a cyberattack, it could cause interruptions to hospital operations. Consequently, we ask all third-party companies that support the health care community to look at their cyber preparedness, response, and resiliency functionality.

Elizabeth Hernandez

Elizabeth Hernandez is the editor of the HIPAA News section of HIPAA Coach and an experienced journalist in the healthcare sector. She specializes in healthcare and HIPAA compliance, making her a go-to source for information on healthcare regulations. Her work focuses on the importance of patient privacy and secure information handling. Elizabeth also has a postgraduate degree in journalism. You can follow Elizabeth on Twitter at https://twitter.com/ElizabethHzone