Updated: Dec. 14, 2021 at 3:54 p.m.
The University’s online time reporting system for employees, Kronos, is “currently unavailable” after a cybersecurity incident last week potentially compromised GW employees’ information, officials announced in an email Tuesday.
First and last names, GWIDs, Net IDs, GW email addresses, office phone numbers and campus addresses may have been compromised, but social security numbers, birth dates or financial information are not stored in Kronos and are therefore secure, according to the email. Officials said GW Information Technology’s Information Security took “immediate and appropriate actions” to block Kronos connections with GW systems and strengthen existing security measures to mitigate the impact of the cyber attack.
“GW Information Security continues to actively monitor university staff and faculty email accounts, and promptly address any suspicious activity (e.g. unauthorized attempt to access university systems by external parties),” the email reads.
This is the second cyber attack affecting a GW service in recent days. GW Law students have been unable to access classroom materials after the “MyLaw” platform faced a cyber attack on Friday. Students and faculty’s personal information may have also been exposed.
University spokesperson Crystal Nosal said all GW employees were notified that their information could have been compromised. She said the issue is affecting other Kronos customers at higher education institutions and corporations.
Nosal declined to say how many employees were impacted and when officials anticipate Kronos will be operational again. She declined to specify the specific actions GW has taken to reinforce security measures.
Officials said the University “deeply regrets” the impact this cybersecurity event has had on community members, and they will continue to keep the community updated as new information becomes available.
“The GW Payroll Office will be communicating intermediate operating and restoration plans as they are determined,” officials said.
Kronos is also working with experts in cyber security to help assess the situation, according to the email.
Kronos released a statement Monday saying it has determined that the attack is a case of ransomware affecting the Kronos Private Cloud. The statement said Kronos has notified authorities of the attack.
Restoring system availability may take up to several weeks, according to the statement.
“We deeply regret the impact this is having on you, and we are continuing to take all appropriate actions to remediate the situation,” the statement reads. “We recognize the seriousness of this issue and will provide another update within the next 24 hours.”
Officials said GW community members should read relevant guidance on how to protect themselves from “phishing of personal information.”