A growing number of hospitals and health systems, including Baptist Health and Ascension, have been impacted by a Dec. 11 ransomware attack on human resources management company Ultimate Kronos Group.
San Angelo, Texas-based Shannon Medical Center, which uses Kronos for timekeeping, scheduling and payroll, switched to downtime procedures to ensure its employees are still paid on time, a hospital spokesperson told The San Angelo Standard-Times on Dec. 13.
The ransomware attack affected Kronos' Private Cloud software platform companies use for scheduling, timekeeping, payroll and human resources, the company said in a Dec. 13 blog post. Although it is working to remediate the issue, Kronos said it could take several weeks to restore services. The company recommends its clients turn to alternative methods to manage their workforce needs as it recovers from the attack.
More hospitals and health systems that use Kronos have said they were affected by the cyberattack, including Jacksonville, Fla.-based Baptist Health and Gainesville, Fla.-based UF Health, local CBS affiliate WJAX reported Dec. 14. Both health systems said they have taken measures to ensure employees are paid on time.
Ascension St. Vincent Hospital in Indianapolis said it also has been affected by the incident but has put "alternate systems in place to track time and process payroll as scheduled," according to a Dec. 14 WXIN report.
Allegheny Health Network and Highmark, both in Pittsburgh, also use Kronos for payroll, scheduling and other services, and have been affected by the incident. Allegheny told local CBS affiliate KDKA Dec. 15 it is doing everything possible to ensure employees are paid on time.
Baton Rouge, La.-based Franciscan Missionaries of Our Lady Health System, which uses Kronos to manage timekeeping and scheduling, has switched to its continuity plan in the wake of the service disruption, a health system spokesperson told The Advocate on Dec. 15. The health system's plan is used in times when prolonged outages can occur, such as in the case of a natural disaster.
John Riggi, senior adviser for cybersecurity and risk at the American Hospital Association, said in a Dec. 14 statement that the organization has received several reports indicating that hospitals and health systems have been affected by the Kronos ransomware attack.
"A lack of the availability of those services could be quite disruptive for healthcare providers, many of whom are experiencing surges of COVID-19 and flu patients," he said. "This attack once again highlights the need for robust third-party risk management programs that identify mission-critical dependencies and downtime preparedness."