Lorem ipsum dolor sit amet, consectetur adipiscing elit. Vivamus convallis sem tellus, vitae egestas felis vestibule ut.

Error message details.

Reuse Permissions

Request permission to republish or redistribute SHRM content and materials.

UKG Hack Fallout Includes Lawsuits, Data Breaches

An image of a circuit board with a lock on it.

​The December 2021 ransomware attack that crippled payroll and timekeeping systems using UKG's Kronos Public Cloud continues to have repercussions for the well-known HR technology vendor and many of its customers, including class-action lawsuits and data breach disclosures.

We've rounded up articles from SHRM Online and other outlets to provide more context on the news.

More Customers Reporting Data Exposures

The most recent lawsuit related to the attack, filed by an employee of the Family Health Centers of San Diego, claims that the incident exposed the personal data of employees.

Other data breaches related to the UKG attack have been disclosed or reported over the last two months, including from the city of Cleveland, athletic wear company Puma and the New York Metropolitan Transportation Authority (MTA).    


Number of Class-Action Lawsuits Grows

In addition to the data breach suit, employees at PepsiCo, the New York MTA and Allegheny General Hospital in Pittsburgh, among others, have filed class-action lawsuits alleging that they were improperly paid due to the system outage.

( ( and (

Hack Disrupts Payroll for Thousands

Discovered Dec. 11, the cyberattack affected about 2,000 employers that use the time and attendance software, including enterprise companies, hospitals, universities and public agencies. UKG said that by late January, it had restored core time, scheduling and payroll capabilities to all customers affected by the ransomware attack. 

(SHRM Online)

HR Tech Put on Notice

HR technology analysts say vendors and their clients should brace themselves for similar attacks as more hackers train their sights on sensitive employee data rather than customer data.

(SHRM Online)

Ransomware: To Pay or Not to Pay

The consideration of whether to pay a ransom is very complicated—and each scenario, risk analysis and business decision is different. It is also wise for companies to determine whether they have insurance coverage for a ransom payment.

(SHRM Online)


​An organization run by AI is not a futuristic concept. Such technology is already a part of many workplaces and will continue to shape the labor market and HR. Here's how employers and employees can successfully manage generative AI and other AI-powered systems.