Vulnerability put 1.87 million Michigan employees at risk
Catherine Shaffer reports:
As many as 1.87 million Michigan workers may have had their personal information exposed through a newly discovered security vulnerability in the computer system used by the Michigan Unemployment Insurance Agency.
The information release affects workers whose paychecks are processed by a third-party payroll vendor. A software update installed in October 2016 included a vulnerability that allowed those vendors to access social security numbers and names of people that they were not authorized to view.
[…]The computer system affected is the Michigan Data Automated System (MiDAS).
Read more on Michigan Radio.
Note: The headline was corrected post-publication to clarify that it was not a vulnerability in any payroll vendor’s system, but in the system used by employees who have their checks processed by any of the 31 payroll vendors working with the state.