American Payroll Association notifies people of cyberattack on site

The American Payroll Association (“APA”) is notifying people about breach discovered in mid-July.

What Happened? The APA experienced a skimming cyberattack in which personal information was accessed by unauthorized individuals. The source of the cyberattack is thought to have been a vulnerability in APA’s content management system, which allowed a “skimmer” to be installed on both the login webpage of the APA website, as well as the checkout section of the APA’s online store. APA’s IT team uncovered unusual activity on the site dating back to May 13, 2020 at approximately 7:30 pm CT.

What Information Was Accessed? The unauthorized individuals gained access to login information (i.e. username and password) and individual payment card information (i.e. credit card information and associated data). By way of account access, the electronic fields that may have been accessed include: First and Last Names; Email Address; Job Title and Job Role; Primary Job Function and to whom you “Report”; Gender; Date of Birth; Address (either business of personal), including country, province or state, city, and postal code; Company name and size; Employee Industry; Payroll Software used at Workplace; Time and Attendance software used at work. In addition, some accounts include profile photos and social media username information.

What Are We Doing? Since discovering the cyberattack, APA has installed the latest security patches from our content management system to prevent any further exploitation of their website. APA technicians also reviewed all code changes made to the APA website since January; installed additional antivirus software on our servers; and increased the frequency of security patch implementation.

Read the remainder of their notification on the California Attorney General’s web site.

And what does that last section mean — that they hadn’t installed security patches that were available before the attack?

About the author: Dissent

Comments are closed.