A federal judge has given the green light for approval of an Ultimate Kronos Group cybersecurity lawsuit settlement
New York, NYA New York federal judge in early December has granted preliminary approval of a $12.75 million settlement. The PepsiCo class action lawsuit alleges that Pepsi workers were not paid overtime and wages weren't timely or fully compensated for all hours worked during an outage with their Kronos timekeeping system. Along with Pepsi, the workforce management company’s timekeeping and payroll systems are used by many major businesses across various industries, including defendant companies New Tiger LLC and subsidiaries including The Quaker Oats Company and Frito-Lay Inc.
Kronos Lawsuit
Kronos, which merged in April 2020 with Ultimate Software and now called UKG (Ultimate Kronos Group), was hacked in 2021. The ransomware attack caused an outage and disruption to its timekeeping software that affected almost 24,000 workers during 17 pay periods between December 2021 and April. Employers did not have access to employees’ work hours. Investigating the incident, PepsiCo and its co-defendants determined they had underpaid 23,801 workers by $23,896,550, which represents the underpaid compensation figure owed to the members of the settlement class and the Fair Labor Standards Act collective, and that 41,481 employees were overpaid by $59,776,602, reported Law360.
The PepsiCo Kronos class action settlement is Emanuele Stevens et al. v. PepsiCo Inc. et al. Case No. 7:22-cv-00802, in the U.S. District Court for the Southern District of New York.
The settlement stems from lawsuits following the Kronos data breach in 2021.
Drobsch v. PepsiCo.
In April 2022 Devin Drobsch filed a class action lawsuit in Pennsylvania federal court against PepsiCo, Inc., claiming that the company is in violation of the Pennsylvania Minimum Wage Act and the Pennsylvania Wage Payment and Collection Law. According to court documents, the company failed to provide its employees with their proper wages or overtime premium following the Kronos data breach – and that the company has not been able to pay its staff or correctly track their hourly employees since the breach. Further, the company was unable to properly pay or give staff appropriate time off. According to court documents, “PepsiCo’s workers who were not exempt from the overtime requirements under Pennsylvania law were not paid for all hours worked or were not paid their proper overtime premium after the onset of the Kronos hack.”
In his lawsuit, Drobsch claimed that “Sony could have created a temporary and alternative plan for keeping track of employee hours and pay but chose not to.
“Instead, PepsiCo used prior pay periods or reduced payroll estimates to avoid paying wages and proper overtime to these non-exempt hourly and salaried employees,” reported Top Class Actions. As well, Drobsch contended that PepsiCo tried to shift the problem onto the people in the workforce that are more economically vulnerable, i.e., those that work on the front line. The Kronos PepsiCo Class Action Lawsuit is Drobsch v. PepsiCo, Inc., Case No. 2:05-mc-02025, in the U.S. District Court for the Western District of Pennsylvania.
Data Breaches
Ninety percent of 10 largest healthcare data breaches reported this year were caused by third-party vendors, and one of those incidents—Kronos-- affected hundreds of providers, reported SC Magazine: “Human resource and payroll vendor Kronos has been recovering from a widespread ransomware attack for more than a month, which has created major payroll issues at a number of health systems… Employees and clients are begging for answers: Shouldn’t there have been contingencies in place to ensure employees are paid?” SC Magazine previously reported (December 2021) that a cyberattack impacted Kronos’ private cloud platform, which hosts the vendor’s Workforce Central, UKG TeleStaff, Healthcare Extensions, and Banking Scheduling solutions and three separate data centers. Those platforms were rendered inaccessible and Kronos’ cloud clients were forced to manually track and estimate employee hours, in addition to issuing employees paper checks. Healthcare has been hardest hit by the incident, as it is widely used in healthcare for human resources and payroll, according to Fitch Ratings.
Several lawsuits have been filed stemming from the December 2021 cyberattack on Kronos, all of which claim that hourly employees were shorted on overtime pay as a result of the Kronos breach.
Benefits Pro noted that Frito-Lay North America Inc., a subsidiary of PepsiCo, was sued April 4 in the U.S. District Court for the Eastern District of Texas. The suit was filed on behalf of a putative class of current and former non-exempt hourly employees. The case is Parrish v. Frito-Lay North America, Inc.
PepsiCo itself has been sued three times so far:
It was sued March 23 in the U.S. District Court for the Southern District of New York on behalf of a class of current and former non-exempt hourly employees.
Secondly, was sued in the U.S. District Court for the Central District of California on March 30.
And thirdly, it was also sued on April 4 in the U.S. District Court for the District of New Jersey; the case is Ellis et al v. PepsiCo. Inc.
If you or a loved one have suffered losses in this case, please click the link below and your complaint will be sent to an employment law lawyer who may evaluate your Unpaid Wages claim at no cost or obligation.