UKG Company Cyber Security Posture
ukg.comAt UKG, our purpose is people. As strong believers in the power of culture and belonging as the secret to success, we champion great workplaces and build lifelong partnerships with our customers to show whatโs possible when businesses invest in their people. One of the worldโs leading HCM cloud companies today, UKG and our Life-work Technology approach to HR, pay, time, and culture solutions for all people helps 80,000 organizations around the globe and across every industry anticipate and adapt to their employeesโ needs beyond just work. To learn more, visit ukg.com. UKG Social Media Guidelines available at https://www.ukg.com/ukg-social-media-guidelines.
UKG Company Details
ukg
15440 employees
279558.0
511
Software Development
ukg.com
Scan still pending
UKG_2936607
In-progress
UKG Risk Score (AI oriented)Between 900 and 1000
This score is AI-generated and less favored by cyber insurers, who prefer the TPRM score.
UKG Global Score.png)
UKG Company Scoring based on AI Models
| Model Name | Date | Description | Current Score Difference | Score |
|---|---|---|---|---|
| AVERAGE-Industry | 03-12-2025 | This score represents the average cybersecurity rating of companies already scanned within the same industry. It provides a benchmark to compare an individual company's security posture against its industry peers. | N/A | Between 900 and 1000 |
UKG Company Cyber Security News & History
| Entity | Type | Severity | Impact | Seen | Url ID | Details | View |
|---|---|---|---|---|---|---|---|
| UKG | Ransomware | 100 | 5 | 12/2021 | UKG213129322 | Link | |
Rankiteo Explanation : Attack threatening the organization's existenceDescription: HR software giant UKG was targeted in a ransomware attack using Kronos Private Cloud in December 2021. The attack badly impacted the cloud servers where UKG Workforce Central, UKG TeleStaff, Healthcare Extensions, and Banking Scheduling Solutions were deployed. The firm was working with security experts to investigate the attack and restore the data. | |||||||
| UKG Inc. | Breach | 85 | 4 | 6/2023 | UKG921072725 | Link | |
Rankiteo Explanation : Attack with significant impact with customers data leaksDescription: The Maine Office of the Attorney General reported that UKG Inc. experienced an inadvertent disclosure of personal information on October 30, 2023, affecting 45,966 individuals, with one resident reported specifically. The breach involved exposed information such as Social Security numbers, and identity theft protection services were offered. | |||||||
| UKG Inc. | Ransomware | 100 | 4 | 12/2021 | UKG550080525 | Link | |
Rankiteo Explanation : Attack with significant impact with customers data leaksDescription: On February 3, 2022, the California Attorney General reported a ransomware attack affecting UKG Inc., which compromised personal information of individuals associated with PUMA North America, Inc. The breach occurred on December 11, 2021, but specific details regarding the number of individuals affected and the types of personal information involved remain unknown. | |||||||
UKG Company Subsidiaries
At UKG, our purpose is people. As strong believers in the power of culture and belonging as the secret to success, we champion great workplaces and build lifelong partnerships with our customers to show whatโs possible when businesses invest in their people. One of the worldโs leading HCM cloud companies today, UKG and our Life-work Technology approach to HR, pay, time, and culture solutions for all people helps 80,000 organizations around the globe and across every industry anticipate and adapt to their employeesโ needs beyond just work. To learn more, visit ukg.com. UKG Social Media Guidelines available at https://www.ukg.com/ukg-social-media-guidelines.
Access Data Using Our API
Get company history
Rapid.png)
UKG Cyber Security News
South Floridaโs UKG grows in Ireland, plans to employ 200 there
Software maker UKG, with headquarters in Weston, is growing in Ireland too, adding 200 employees there at a new operations hub focused on cybersecurity.
Employment screening provider data breach affects 3.3M people
The DISA data breach is the latest in a number of cyber attacks that have targeted employment services companies. In July 2024, a Florida workerย ...
Tanium AEM for ServiceNow accelerates UKG's IT journey
UKG, an AI-first HR, payroll, and workforce management cloud solutions provider, is enhancing its internal IT operations by leveraging AI-ย ...
The UKG One View Solution Delivers Access to Real-time Data, AI Validation, and Instant Payroll Reporting to Customers
The UKG One View solution synchronizes, manages, and uses AI to perpetually validate payroll from all in-country payroll providers, whichย ...
5th Circuit dismisses Cargill employeeโs Kronos hack, discrimination claims
The decision is also a victory for UKG, whom the employee sued separately for privacy violation allegations stemming from a 2021 ransomwareย ...
UKG Hack Disrupts Scheduling and Payroll for Thousands of Employers
โA ransomware attack on a major HR technology provider is creating chaos around attendance, scheduling and payroll for thousands of employersโย ...
UKG Launches Global Operations Hub in Ireland
UKG, a leading provider of HR, payroll, workforce management, and culture solutions and the largest U.S.-based private software company in the world, todayย ...
Kronos ransomware attack impacting hospitals and health systems
A ransomware attack has impacted several Ultimate Kronos Group services that hospitals and other organizations use to manage their employees andย ...
Payroll Services Provider UKG Agrees to $6 Million Settlement in Data-Breach Lawsuit
Payroll services provider UKG has agreed to settle a class-action lawsuit stemming from a cyberattack in 2021, capping a significant piece of litigation thatย ...
UKG Similar Companies
Epic
Join us in our mission to help the world get well, help the world stay well, and help future generations be healthier. We hire smart and motivated people from all academic majors to code, test, and implement healthcare software that hundreds of millions of patients and doctors rely on to improve ca
Pitney Bowes
Pitney Bowes (NYSE: PBI) is a technology-driven company that provides SaaS shipping solutions, mailing innovation, and financial services to clients around the world โ including more than 90 percent of the Fortune 500. Small businesses to large enterprises, and government entities rely on Pitney Bow
Groupon
Groupon is an experiences marketplace that brings people more ways to get the most out of their city or wherever they may be. By enabling real-time mobile commerce across local businesses, live events and travel destinations, Groupon helps people find and discover experiencesโโbig and small, new and
bigbasket
Starting our journey in 2011, today, bigbasket - a Tata Enterprise is Indiaโs largest online supermarket with over 13 million customers and a presence in 60+ cities & towns. With our presence spanning the entire spectrum of consumer needs, we operate through a range of business lines - bigbasket, bb
SAP
SAP is the leading enterprise application and business AI company. We stand at the intersection of business and technology, where our innovations are designed to directly address real business challenges and produce real-world impacts. Our solutions are the backbone for the worldโs most complex and
Airbnb
Airbnb was born in 2007 when two Hosts welcomed three guests to their San Francisco home, and has since grown to over 5 million Hosts who have welcomed over 1.5 billion guest arrivals in almost every country across the globe. Every day, Hosts offer unique stays and experiences that make it possible
Frequently Asked Questions
Explore insights on cybersecurity incidents, risk posture, and Rankiteo's assessments.
UKG CyberSecurity History Information
How many cyber incidents has UKG faced?
Total Incidents: According to Rankiteo, UKG has faced 3 incidents in the past.
What types of cybersecurity incidents have occurred at UKG?
Incident Types: The types of cybersecurity incidents that have occurred include Ransomware and Breach.
How does UKG detect and respond to cybersecurity incidents?
Detection and Response: The company detects and responds to cybersecurity incidents through an third party assistance with security experts and recovery measures with investigating the attack and restoring the data.
Incident Details
Can you provide details on each incident?
Incident : Ransomware
Title: Ransomware Attack on UKG Inc. Affecting PUMA North America, Inc.
Description: A ransomware attack on UKG Inc. compromised personal information of individuals associated with PUMA North America, Inc.
Date Detected: 2021-12-11
Date Publicly Disclosed: 2022-02-03
Type: Ransomware
Incident : Data Breach
Title: UKG Inc. Data Breach
Description: The Maine Office of the Attorney General reported that UKG Inc. experienced an inadvertent disclosure of personal information on October 30, 2023, affecting 45,966 individuals, with one resident reported specifically. The breach involved exposed information such as Social Security numbers, and identity theft protection services were offered.
Date Detected: 2023-10-30
Type: Data Breach
Incident : Ransomware
Title: UKG Ransomware Attack
Description: HR software giant UKG was targeted in a ransomware attack using Kronos Private Cloud in December 2021.
Date Detected: 2021-12
Type: Ransomware
What are the most common types of attacks the company has faced?
Common Attack Types: The most common types of attacks the company has faced is Ransomware.
Impact of the Incidents
What was the impact of each incident?
Incident : Ransomware UKG550080525
Data Compromised: Personal Information
Incident : Data Breach UKG921072725
Data Compromised: Social Security numbers
Identity Theft Risk: High
Incident : Ransomware UKG213129322
Systems Affected: UKG Workforce Central, UKG TeleStaff, Healthcare Extensions, Banking Scheduling Solutions
What types of data are most commonly compromised in incidents?
Commonly Compromised Data Types: The types of data most commonly compromised in incidents are Personal Information and Social Security numbers.
Which entities were affected by each incident?
Response to the Incidents
What measures were taken in response to each incident?
Incident : Ransomware UKG213129322
Third Party Assistance: Security experts
Recovery Measures: Investigating the attack and restoring the data
How does the company involve third-party assistance in incident response?
Third-Party Assistance: The company involves third-party assistance in incident response through Security experts.
Data Breach Information
What type of data was compromised in each breach?
Incident : Ransomware UKG550080525
Type of Data Compromised: Personal Information
Incident : Data Breach UKG921072725
Type of Data Compromised: Social Security numbers
Number of Records Exposed: 45966
Sensitivity of Data: High
Personally Identifiable Information: Yes
Ransomware Information
How does the company recover data encrypted by ransomware?
Data Recovery from Ransomware: The company recovers data encrypted by ransomware through Investigating the attack and restoring the data.
References
Where can I find more information about each incident?
Incident : Data Breach UKG921072725
Source: Maine Office of the Attorney General
Where can stakeholders find additional resources on cybersecurity best practices?
Additional Resources: Stakeholders can find additional resources on cybersecurity best practices at and Source: California Attorney GeneralDate Accessed: 2022-02-03, and Source: Maine Office of the Attorney General.
Investigation Status
What is the current status of the investigation for each incident?
Incident : Ransomware UKG213129322
Investigation Status: Investigating
Post-Incident Analysis
What is the company's process for conducting post-incident analysis?
Post-Incident Analysis Process: The company's process for conducting post-incident analysis is described as Security experts.
Additional Questions
Incident Details
What was the most recent incident detected?
Most Recent Incident Detected: The most recent incident detected was on 2021-12-11.
What was the most recent incident publicly disclosed?
Most Recent Incident Publicly Disclosed: The most recent incident publicly disclosed was on 2022-02-03.
Impact of the Incidents
What was the most significant data compromised in an incident?
Most Significant Data Compromised: The most significant data compromised in an incident were Personal Information and Social Security numbers.
What was the most significant system affected in an incident?
Most Significant System Affected: The most significant system affected in an incident were UKG Workforce Central, UKG TeleStaff, Healthcare Extensions, Banking Scheduling Solutions.
Response to the Incidents
What third-party assistance was involved in the most recent incident?
Third-Party Assistance in Most Recent Incident: The third-party assistance involved in the most recent incident was Security experts.
Data Breach Information
What was the most sensitive data compromised in a breach?
Most Sensitive Data Compromised: The most sensitive data compromised in a breach were Personal Information and Social Security numbers.
What was the number of records exposed in the most significant breach?
Number of Records Exposed in Most Significant Breach: The number of records exposed in the most significant breach was 525.0.
References
What is the most recent source of information about an incident?
Most Recent Source: The most recent source of information about an incident are California Attorney General and Maine Office of the Attorney General.
Investigation Status
What is the current status of the most recent investigation?
Current Status of Most Recent Investigation: The current status of the most recent investigation is Investigating.
What Do We Measure?
Every week, Rankiteo analyzes billions of signals to give organizations a sharper, faster view of emerging risks. With deeper, more actionable intelligence at their fingertips, security teams can outpace threat actors, respond instantly to Zero-Day attacks, and dramatically shrink their risk exposure window.
These are some of the factors we use to calculate the overall score:
Identify exposed access points, detect misconfigured SSL certificates, and uncover vulnerabilities across the network infrastructure.
Gain visibility into the software components used within an organization to detect vulnerabilities, manage risk, and ensure supply chain security.
Monitor and manage all IT assets and their configurations to ensure accurate, real-time visibility across the company's technology environment.
Leverage real-time insights on active threats, malware campaigns, and emerging vulnerabilities to proactively defend against evolving cyberattacks.
