Kronos, a time-keeping and human resources company now known as UKG, has paid $6 million to settle a December 2021 data breach lawsuit that affected multiple hospitals and health systems' payrolls, Top Class Actions reported July 5.
The lawsuit alleged that UKG failed to implement adequate cybersecurity measures, which led to a December 2021 ransomware attack on its Kronos private cloud. The breach affected hospitals and health systems such as Plymouth, Mass.-based Beth Israel Deaconess Hospital, Joliet, Ill.-based Amita Health St. Joseph Medical Center (since renamed to Ascension Saint Joseph-Joliet) and Oneonta, N.Y.-based A.O. Fox Hospital, to name a few.
Although the company has admitted no wrongdoing, it agreed to the $6 million settlement.
Under the settlement agreement, class members can receive up to $1,000 for losses related to the data breach.
In addition, UKG will spend $1.5 million to improve its cybersecurity posture.