At TrueBlue, protecting our clients, candidates, and associates from online security risks is a critical part of our work. Our Cybersecurity Team consistently stays ahead of security issues and addresses any threats as quickly as possible.
Apache Log4j Vulnerability (CVE-2021-44228):
Recently, a widespread vulnerability was identified in software (Apache Log4j) commonly used by many businesses. This vulnerability has exposed some of the world’s most popular applications and services to a potential cyberattack.
Our TrueBlue Cybersecurity Team responded to this vulnerability immediately, and all internal systems which were vulnerable to the Log4j vulnerability have been remediated. We are working closely with our vendor partners to ensure remediation of their tools and environments, ensuring the security of our network and telephony infrastructure, identity and access management tools, backup solutions, and our entire security suite of tools.
There are no indicators of compromise (IOCs) in our environment or through any third-party access to our environment. However, we continue to actively monitor our environment with active vulnerability scanning and automated endpoint detection and response (EDR).
Kronos Ransomware Attack:
HR management company Ultimate Kronos Group (UKG) was recently hit by a ransomware attack. While TrueBlue does not utilize the Kronos tool directly for HR or payroll processes, we do have some clients that are connected to Kronos.
To protect our assets, we have disabled internet connectivity to the Kronos platforms out of an abundance of caution. For the near term, all connections and downloads from their systems will remain disabled until we can independently verify that they pose no threat to our systems and assets. We will continue to actively monitor for vulnerabilities and use automated endpoint detection and response (EDR).