Sainsbury’s has acknowledged it is one of the businesses hit by a ransomware attack on a major US provider of cloud payroll systems.
The supermarket chain lost a week’s worth of data for its 150,000 UK employees, The Mirror reported.
Companies such as Sainsbury’s rely on services from Ultimate Kronos Group (UKG), based in Lowell, Massachusetts and Weston, Florida, to log staff hours and calculate pay.
Sainsbury’s said staff would be paid before Christmas.
It said departments including payroll, human resources and accounting were using historical data and working patterns to ensure accurate and timely payment.
“We’re in close contact with Kronos while they investigate a systems issue,” Sainsbury’s said in a statement.
“In the meantime, we have contingencies in place to make sure our colleagues continue to receive their pay.”
Kronos acknowledged the ransomware attack last Monday, after noticing “unusual” activity the previous Saturday.
It said its systems could be down for several weeks and advised its customers to “evaluate and implement alternative business continuity protocols”.
Kronos’ customers include the city of Cleveland, Ohio, New York City’s Metropolitan Transportation Authority (MTA), Tesla, MGM Resorts International, Whole Foods, Honda North America and hospitals across the US. Honda UK is reportedly not affected.
The attack affects Kronos Private Cloud, a cloud data storage offering for several of the company’s services, including UKG Workforce Central, used by employees to track hours and schedule shifts.
Kronos said after detecting the attack it took “immediate” action to investigate and mitigate the issue, alerted affected customers, informed authorities and is working with cybersecurity experts.
“We recognise the seriousness of the issue and have mobilised all available resources to support our customers and are working diligently to restore the affected services,” the company said.
In most cases staff can log hours using the offline Kronos timesheet system, but it is unclear when the systems will come back online.
The MTA said it had “complete confidence” staff would be paid for every hour worked.
The city of Cleveland said Kronos had alerted it last week that some sensitive data may additionally have been compromised, including staff names, addresses and the last four digits of social security numbers.
Kronos said in an FAQ page that it is “working diligently to determine whether customer data has been compromised”.
The incident occurred as organisations scrambled to patch a widespread security vulnerability known as Log4j.
Kronos said it had initiated a “rapid” patching process for Log4j and was still investigating whether the vulnerability had been used in the ransomware attack.
Welcome to Silicon UK: AI for Your Business Podcast. Today, we explore how AI can…
Japanese tech investment firm SoftBank promises to invest $100bn during Trump's second term to create…
Synopsys to work with start-up SiMa.ai on joint offering to help accelerate development of AI…
Start-up Basis raises $34m in Series A funding round for AI-powered accountancy agent to make…
Data analytics and AI start-up Databricks completes huge $10bn round from major venture capitalists as…
Congo files legal complaints against Apple in France, Belgium alleging company 'complicit' in laundering conflict…