Sainsbury’s Payroll Disrupted By US Ransomware Attack

Sainsbury’s has acknowledged it is one of the businesses hit by a ransomware attack on a major US provider of cloud payroll systems.

The supermarket chain lost a week’s worth of data for its 150,000 UK employees, The Mirror reported.

Companies such as Sainsbury’s rely on services from Ultimate Kronos Group (UKG), based in Lowell, Massachusetts and Weston, Florida, to log staff hours and calculate pay.

Sainsbury’s said staff would be paid before Christmas.

Payroll data

It said departments including payroll, human resources and accounting were using historical data and working patterns to ensure accurate and timely payment.

“We’re in close contact with Kronos while they investigate a systems issue,” Sainsbury’s said in a statement.

“In the meantime, we have contingencies in place to make sure our colleagues continue to receive their pay.”

Kronos acknowledged the ransomware attack last Monday, after noticing “unusual” activity the previous Saturday.

It said its systems could be down for several weeks and advised its customers to “evaluate and implement alternative business continuity protocols”.

Disruption

Kronos’ customers include the city of Cleveland, Ohio, New York City’s Metropolitan Transportation Authority (MTA), Tesla, MGM Resorts International, Whole Foods, Honda North America and hospitals across the US. Honda UK is reportedly not affected.

The attack affects Kronos Private Cloud, a cloud data storage offering for several of the company’s services, including UKG Workforce Central, used by employees to track hours and schedule shifts.

Kronos said that after detecting the attack it took “immediate” action to investigate and mitigate the issue, alerted affected customers, informed authorities and began working with cybersecurity experts.

“We recognise the seriousness of the issue and have mobilised all available resources to support our customers and are working diligently to restore the affected services,” the company said.

In most cases staff can log hours using the offline Kronos timesheet system, but it is unclear when the systems will come back online.

Log4j vulnerability

The MTA said it had “complete confidence” staff would be paid for every hour worked.

The city of Cleveland said Kronos had alerted it last week that some sensitive data may additionally have been compromised, including staff names, addresses and the last four digits of social security numbers.

Kronos said in an FAQ page that it is “working diligently to determine whether customer data has been compromised”.

The incident occurred as organisations scrambled to patch a widespread security vulnerability in the Log4j logging library.

Kronos said it had initiated a “rapid” patching process for Log4j and was still investigating whether the vulnerability had been used in the ransomware attack.

Matthew Broersma

Matt Broersma is a long-standing tech freelancer who has worked for Ziff-Davis, ZDNet and other leading publications.
