Kronos ransomware attack impacts healthcare workforce services

Featured image

Share this article

Kronos logo

Kronos, an HR management solutions provider, has reported the discovery of a ransomware attack. The incident disrupted several services that hospitals and other health systems use to manage their workforce and payroll operations.

Keep reading to learn more about the attack and the best protective measures to keep your organization’s data secure.

SEE ALSO: HIPAA compliant email

What happened?

Kronos first became aware of suspicious activity within its systems on December 11 and took immediate steps to look into and mitigate the issue. The investigation found that Kronos Private Cloud, a portion of the business that includes its Workforce Central, TeleStaff, Healthcare Extensions, and Banking Scheduling Solutions, was affected by a ransomware attack.

The company reports that these cloud solutions are currently inaccessible and “it may take up to several weeks to restore system availability.”

How is Kronos responding to the attack? 

According to the alert, the investigation remains ongoing while Kronos continues to determine the full scope of the attack. The company has notified the authorities and is “working with leading cybersecurity experts to assess and resolve the situation.”

As the impacted services have been taken offline, Kronos strongly urges customers to implement alternative business continuity plans and notes that its community and customer support teams are available to provide additional support in this area.

Ways to minimize your risk

John Riggi, senior advisor for cybersecurity and risk at the American Hospital Association (AHA), states that the Kronos incident further highlights the importance of robust third-party risk management programs.

“If mission-critical third-party services are made unavailable due to a cyberattack, it may result in disruptions to hospital operations,” he explains. “As such, we urge all third-party providers that serve the healthcare community to examine their cyber readiness, response and resiliency capabilities.”

The Cloud Security Alliance (CSA) also recently released guidance on preventing the growing threat of ransomware in the healthcare cloud, emphasizing that cloud storage doesn’t offer guaranteed protection from cyberattacks. CSA’s recommended safeguards include installing endpoint protection, filtering incoming and outgoing emails to identify threats, and deploying network segmentation.

Stay proactive with Paubox

As cybercriminals continue to evolve their approaches, solid safety practices aren’t always enough to protect your sensitive information from ransomware and other attacks. This makes it more critical than ever for healthcare providers to stay proactive with stronger email security.

Built to conveniently integrate with your current email platform such as Google Workspace or Microsoft 365, Paubox Email Suite enables you to send HIPAA compliant email by default. This means you don’t have to spend time deciding which emails to encrypt and your patients are able to receive your messages directly in their inbox without having to navigate any additional passwords or portals.

Paubox Email Suite’s Plus and Premium plan levels also include advanced inbound email security tools for further protection from potential threats. Our patent-pending Zero Trust Email feature uses email AI to verify that an email is legitimate, while patented ExecProtect works quickly to intercept display name spoofing attempts.

Try Paubox Email Suite Plus for FREE today.
Author Photo

About the author

Sara Uzer

Read more by Sara Uzer

Get started with
end-to-end protection

Bolster your organization’s security with healthcare’s most trusted HIPAA compliant email solution

The #1-rated email encryption 
and security software on G2

G2 Badge: Email Encryption Leader Fall 2022
G2 Badge: Security Best Usability Fall 2022
G2 Badge: Encryption Momentum Leader Fall 2022
G2 Badge: Security Best Relationship Fall 2022
G2 Badge: Security Users Most Likely to Recommend Fall 2022
G2 Badge: Email Gateway Best Relationship Fall 2022
G2 Badge: Email Gateway Best Meets Requirements Fall 2022
G2 Badge - Users Most Likely to Recommend Summer 2022
G2 Badge: Email Gateway Best Results Fall 2022
G2 Badge: Email Gateway Best Usability Fall 2022
G2 Badge: Email Gateway Best Support Fall 2022
G2 Badge: Email Gateway Easiest To Use Fall 2022
G2 Badge: Email Gateway Easiest Setup Fall 2022
G2 Badge: Email Gateway Easiest Admin Fall 2022
G2 Badge: Email Gateway Easiest to do Business with Fall 2022
G2 Badge: Email Gateway Highest User Adoption 2022
G2 Badge: Email Gateway High Performer Fall 2022
G2 Badge: Email Gateway Momentum Leader Fall 2022
G2 Badge: Email Gateway Most Implementable Fall 2022
G2 Badge: Email Gateway Users Most Likely to Recommend Fall 2022