Vulnerability put 1.87 million Michigan employees at risk

Catherine Shaffer reports:

As many as 1.87 million Michigan workers may have had their personal information exposed through a newly discovered security vulnerability in the computer system used by the Michigan Unemployment Insurance Agency.

The information release affects workers whose paychecks are processed by a third-party payroll vendor. A software update installed in October 2016 included a vulnerability that allowed those vendors to access social security numbers and names of people that they were not authorized to view.

[…]

The computer system affected is the Michigan Data Automated System (MiDAS).

Read more on Michigan Radio.

Note: The headline was corrected post-publication to clarify that it was not a vulnerability in any payroll vendor’s system, but in the system used by employees who have their checks processed by any of the 31 payroll vendors working with the state.

About the author: Dissent