Will Cyber Attack on Payroll Company Keep Some Mass. Employees From Being Paid on Time?

The cyber attack on Ultimate Kronos Group is impacting Stop & Shop and Keolis, the company that runs the MBTA commuter rail service

NBC Universal, Inc.

A cyber attack involving a substantial payroll company has had a ripple effect on big companies across the country, including several major employers in Massachusetts.

From grocery store chains like Stop & Shop to Keolis, the company that runs the MBTA commuter rail service, employees are now having to use temporary solutions to monitor the hours they work because of a cyber attack that hit Ultimate Kronos Group, one of the largest workforce management companies in the U.S.



Watch NBC10 Boston news for free, 24/7, wherever you are.


Get Boston local news, weather forecasts, lifestyle and entertainment stories to your inbox. Sign up for NBC Boston’s newsletters.

"Kronos is a cloud hosted provider of business applications such as workforce management which includes overall HR, payroll and is hosted as a third party," cybersecurity expert Peter Tran said.

Kronos says on its website that it was hit by a ransomware attack and that the company first learned of the issue on Saturday, saying in a statement in part that is disrupted the Kronos private cloud and that it took immediate action to investigate the issue, alert affected customers and inform authorities. The company also said it is working with leading cybersecurity experts.

"I think the payroll has been impacted in the sense of timely payment," Tran said. "I don't think that Kronos is going to have this massively delayed disruption."

"I think Kronos as a best practice I feel that they will have and do have the necessary business recovery processes for their company," he added.

Tran says ransomware attacks have gone up from 2019 to 2020, and the attackers are treating it like a business, casting a wide net, counting it as revenue for the affected customers who do end up paying it.

"It's a game of leverage between the ransomware attackers and the targeted victims," Tran said.

Stop & Shop issued a statement saying in that part that like many other businesses nationwide, its time-entry system is being impacted by the Kronos outage.

It goes on to say, "we are tracking hours worked manually and executing other procedural changes to ensure Stop & Shop associates are paid promptly and accurately."

A spokesperson for Keolis said it doesn't expect any impact to the services it provides or the communities it serves.

As for how long this will all last, Kronos says that it could take several weeks before the system is fully restored.

Contact Us