Data of Puma Employees Stolen in Kronos Ransomware Attack
Data of 6,632 Puma employees was stolen in a December 2021 ransomware attack that hit HR management platform Ultimate Kronos Group (UKG).
Identified on December 11, the attack targeted Kronos Private Cloud, a service on which UKG runs applications such as Banking Scheduling Solutions, Healthcare Extensions, UKG TeleStaff, and UKG Workforce Central.
Kronos immediately launched an investigation into the attack and last month discovered that Puma was one of the customers impacted by the incident.
“Regrettably, this letter is to inform you that we were recently the victim of a ransomware attack that involved some of your personal information, which was provided to us in connection with the services we provide to PUMA,” UKG says in a notification letter sent to the impacted individuals.
In its letter, Kronos informed the affected individuals that the malicious actor behind the attack had access to its cloud-based environment before deploying the ransomware.
“Since the attack was discovered, Kronos has been conducting a comprehensive review of the impacted environment to determine whether any individual’s personal information was subject to unauthorized access or acquisition,” the company said.
Kronos says it confirmed the theft of personal data on January 7, 2022, and that Puma was notified of the incident on January 10.
The company also says it has taken the necessary steps to ensure it can prevent similar incidents, by strengthening the security of its IT systems and implementing expanded scanning and monitoring capabilities.
In a filing with the Maine Attorney General’s Office, UKG revealed that potentially exposed data includes names, Social Security numbers, and other personal information.
You may also enjoy reading, The largest DDoS to date, Microsoft mitigates a 3.47 Tbps DDoS attack
Stay informed of the latest Cybersecurity trends, threats and developments. Sign up for RiSec Weekly Cybersecurity Newsletter Today
Remember, CyberSecurity Starts With You!
- Globally, 30,000 websites are hacked daily.
- 64% of companies worldwide have experienced at least one form of a cyber attack.
- There were 20M breached records in March 2021.
- In 2020, ransomware cases grew by 150%.
- Email is responsible for around 94% of all malware.
- Every 39 seconds, there is a new attack somewhere on the web.
- An average of around 24,000 malicious mobile apps are blocked daily on the internet.