From: security curmudgeon (jerichoattrition.org)
Date: Fri Oct 16 2009 - 16:43:46 CDT

• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

http://voices.washingtonpost.com/securityfix/2009/10/paychoice_suffers_another_data.html?wprss=securityfix

PayChoice Suffers Another Data Breach
By Brian Krebs | October 15, 2009; 8:40 PM ET

Payroll services provider PayChoice took its Web-based service offline for
the second time in a month on Wednesday in response to yet another data
breach caused by hackers.

Moorestown, N.J. based PayChoice, provides direct payroll processing
services and licenses its online employee payroll management product to at
least 240 other payroll processing firms, serving 125,000 organizations.
On Thursday morning, the company sent a notice to its customers saying it
had once again closed onlineemployer.com - the portal for PayChoice's
online payroll service -- this time after some clients began noticing
bogus employees being added to their payroll.

"After investigation, we determined that valid user credentials for an
Online Employer user were used in an unauthorized manner to add these
fictitious employees in an attempt to have payments made to fraudulent
bank accounts," the company said in an e-mail alert to their clients sent
Thursday.

[..]
_______________________________________________
Dataloss Mailing List (datalossdatalossdb.org)

Get business, compliance, IT and security staff on the same page with
CREDANT Technologies: The Shortcut Guide to Understanding Data Protection
from Four Critical Perspectives. The eBook begins with considerations
important to executives and business leaders.
http://www.credant.com/campaigns/ebook-chpt-one-web.php

• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]