https://www.hrdive.com/news/pf-changs-dismisses-ukg-employee-data-lawsuit/737612/
Chris Todd never mentions it. During the time, UKG got hacked but never revealed how they fixed it for customers. They kept the secrets internally.
7 replies (most recent on top)
I mean yeah, when you have the entire company trying to pick up the pieces and keep the ship afloat after laying off 14%, people are going to be stressed and miss details.
↓ Intern from Public Relations has entered the chat.
Someone sc--wed up and accidently shared a file containing personal info with five other of their customers which was accessed a total of 9 times. No misuse of the personal data has been detected. It's a reportable breach, but not close to the gotcha you're making it out to be. Do better.
ttps://www.mass.gov/doc/assigned-data-breach-number-2024-075-ukg/download
They Did It Again! UKG Data Breach - Personal Information Exposed... Again
UKG has suffered yet another significant data breach, demonstrating a worrying pattern of inadequate data protection. On January 5, 2024, the company revealed that an unauthorized party gained access to sensitive consumer information, including names, SSN, demographic details, salary information, addresses, and financial account. This recurring breach is particularly alarming as it provides cybercriminals with a treasure trove of personal data, leaving affected individuals vulnerable to identity theft and financial fraud.
The incident highlights UKG's apparent inability to learn from past mistakes and implement robust data protection measures. While the company is offering 24 months of free credit monitoring, it remains to be seen if this will be enough to mitigate the long-term consequences. One has to wonder if recent massive layoffs at UKG could have triggered this breach, potentially compromising the company's security infrastructure. As cyber threats continue to evolve, UKG's repeated failures raise serious questions about their commitment to safeguarding sensitive information and their ability to protect their clients' data in the future.
Seems like this IS one of UKGs problems, it keeps happening.
"On January 5, 2024, UKG Inc. filed a notice of data breach with the Attorney General of Maine after discovering that the confidential information of certain consumers was recently shared with an unauthorized party."
I'm not sure if log4shell is to blame for this. Nevertheless, a number of hardware and software versions are out of date, and UKG overused software licenses. I recall that Oracle penalized them for overusing the Oracle. A number of database admins were fired by Aron. They stopped upgrading software including Oracle as well. They are now also abusing the SQL server license. They conceal license fees of millions of dollars from Microsoft.
That item had nothing to do with the hack. Read the article.
The hack was based on a security issue called log4shell that impacted other organizations as well. Google it.
Plenty of issues with UKG. But you got this one wrong.