HR management solutions provider Ultimate Kronos Group, or Kronos, has reached a $6 million settlement with healthcare organizations and other organizations across different industries impacted by a data breach that followed a ransomware attack against its Kronos Private Cloud offering in December 2021, HealthITSecurity reports.
Such a breach has resulted from UKG's inadequate cybersecurity measures against ransomware attacks, with the intrusion not only exposing the personal data of workers but also preventing timely and appropriate payments for employees, according to the class action lawsuit.
"To compound the matter, the timing of the breach left workers worrying about these financial issues and data concerns in the midst of the holiday season, wondering if they would be able to make ends meet and how long the problem would continue. Those worries proved concrete, as UKG took months to purportedly rectify its security problems," the lawsuit alleged.
Aside from providing class members with either up to $1,000 or up to $7,500 in payments, UKG has also agreed to bolster its security measures with a more extensive scanning and monitoring program, as well as third-party security services.