Ransomware attack hits major payroll company right before Christmas

Paychecks at GameStop, Whole Foods and other stores may be affected.

Noam Galai/Getty Images)

Ransomware has been a recurring problem throughout 2021, and the latest attack could be particularly severe for some workers. NBC News reports workforce management heavyweight Kronos has suffered a ransomware attack that could affect its ability to handle hours and payroll at well-known companies like GameStop, Honda and Whole Foods. With many final pre-Christmas paychecks slated to arrive this week, there's a concern some employees might not get paid in a timely fashion when they need it most.

Kronos reported the attack on December 11th, but it wasn't until December 13th the company warned it might take "several weeks" to fully restore functionality. The company didn't identify the perpetrators. It also couldn't completely rule out a connection to the recent Log4j vulnerability, but went through "rapid patching" and supply chain checks to make sure its systems weren't susceptible.

It's not clear how soon hours and payroll functionality might come back. In the meantime, though, companies have had to scramble to find alternatives. Whole Foods told NBC it had found a way to pay staff this week, but Honda only said it was "taking steps" to mitigate any problems. One anonymous Whole Foods worker said teammates had been asked to rely on paper punch sheets and handwritten schedules.

The Kronos incident illustrates the sheer breadth of ransomware victims in recent months, including a meat supplier and a key oil pipeline operator. It also underscores the fragility of modern workplace technology. While a payroll company might not be considered critical infrastructure like food or fuel providers, a cyberattack against it can still deal significant economic damage.