Frito-Lay becomes latest employer to settle Kronos outage wage-and-hour claims

Dive Brief:

  • Frito-Lay has agreed to settle a class-action wage-and-hour lawsuit brought by current and former hourly employees over alleged violations stemming from the 2021 Kronos ransomware attack, according to court documents filed Wednesday.
  • The suit filed in the U.S. District Court for the Eastern District of Texas in 2022, Hill et. al. v. Frito-Lay, Inc., alleged that from the time of the attack until around February or March 2022, Frito-Lay paid the plaintiffs and other hourly workers an average of hours worked in previous weeks. The workers claimed this amount remained the same week to week regardless of the number of hours they actually worked.
  • The plaintiffs further alleged that, when Frito-Lay restored back pay to some hourly employees intended to compensate them for underpayments, those amounts were insufficient. The settlement terms were not disclosed. “The Parties advise the Court that they have resolved all outstanding claims and issues in their entirety,” the filing stated.

Dive Insight:

The effects from vendor UKG’s Kronos Private Cloud timekeeping and payroll software outage in 2021 have echoed far beyond that year for affected organizations. Frito-Lay joins other employers in deciding to settle claims tied to the outage. Some, like UMass Memorial Health in Massachusetts and food corporation Cargill, relinquished millions in payouts.

Those settling included UKG itself. Last year, the company announced a $6 million agreement with affected employees of UKG customers, including a group of persons whose data was stolen as a result of the attack.

In the months that immediately followed the attack, sources described the incident as one of the most notable cybersecurity breaches ever faced by HR departments. An executive for UMass Memorial who spoke to HR Dive after the breach’s resolution described the health system’s response in detail; UMass had to rely on a backup solution for more than one month before Kronos functionality was restored.

The attack not only raised concerns about HR departments’ preparation for cyber threats, but it also highlighted the potential vulnerabilities introduced by service vendors, Cybersecurity Dive reported in 2022.