CHARLESTON – West Virginia Auditor J.B. McCuskey has sent a letter of notice to the company that provides payroll services after it was the victim of ransomware attack last weekend.
The letter, sent December 15 via certified mail by the state’s Enterprise Resource Planning Board, notifies UKG Inc. (formerly Kronos) that the state intends to institute any and all legal actions or claims it may have against the company in wake of the attack.
“Specifically, and as you are well aware, this notice arises out of the state’s inability to access the UKG private cloud time and leave system, and the resulting tumult and damages this has caused the state, due to an incident that has variously been referred to by UKG in its communications with both the state and the national and international press as a ‘cyber-security incident’ and ‘ransomware attack’ occurring on or about December 11, 2021,” the letter states.
McCuskey
The letter asks the company to preserve all evidence and to prevent tampering, hiding or destroying of all evidence. The letter lists examples, such as internal UKG communications related to the incident, all forensic evidence and documentation, risk management plans and marketing materials related to private cloud.
McCuskey says the letter also is being sent to any insurance carriers the state has on file, and he asks the company to share the letter with any other insurers or entities that might need it.
“It is self-evident that UKG is in breach of its contractual and other legal obligations to the state,” McCuskey writes. “Although UKG is providing the state very little information at this time, negligence most certainly appears to have played a role. The economic damages to the state caused by UKG will no doubt be immense.
“However, it is the emotional distress, fear, anxiety and suffering that UKG has so needlessly inflicted upon the hard-working employees of the State of West Virginia that causes me the most concern at this moment.”
In the letter, McCuskey said it is “unconscionable” that UKG could allow such an event to occur. He also notes the timing, when state employees “should be celebrating another year of a job well-done and spending much deserved time with loved ones.”
“Although I am confident our employees will prevail in the face of this needless obstacle, it is in this light that I provide this notice of the state’s intent to vigorously and diligently pursue each and every remedy available to it,” McCuskey ends his letter.
Earlier this week, McCuskey issued a statement assuring state employees payroll would not be disrupted because of a contingency plan created before the cyberattack. UKG has said it might take weeks to restore its system.
The Enterprise Resource Board includes McCuskey, Governor Jim Justice and State Treasurer Riley Moore. It oversees the wvOasis system that processes payroll checks for roughly 60,000 full- and part-time employees of state agencies. Employees of the state Supreme Court, Division of Highways or State Police are not affected because they use a different time entry system.
