Connect with us

Hi, what are you looking for?

SecurityWeekSecurityWeek

Incident Response

ADP Experiences Security Breach

HR and Payroll outsourcing giant Automatic Data Processing, Inc., (ADP) experienced a system intrusion, that as of now, has affected one client. In an announcement this afternoon, ADP said that it was investigating and taking measures to address the impact of a system intrusion that occurred with a client at Workscape, a benefits administration provider that ADP acquired in August 2010. Though the incident is limited to a single client, ADP didn’t say if and how many records from the client may have been potentially exposed.

HR and Payroll outsourcing giant Automatic Data Processing, Inc., (ADP) experienced a system intrusion, that as of now, has affected one client. In an announcement this afternoon, ADP said that it was investigating and taking measures to address the impact of a system intrusion that occurred with a client at Workscape, a benefits administration provider that ADP acquired in August 2010. Though the incident is limited to a single client, ADP didn’t say if and how many records from the client may have been potentially exposed.

Based on early reports and information coming from ADP, the damage doesn’t appear to be significant based on claims that the intrusion was detected by the ADP security team during routine monitoring and occurred on a non-payroll platform that is no longer sold by the company.

ADP added the following in a statement released this afternoon:

Since learning of this intrusion, and based on the preliminary intelligence and information gathered to date, ADP believes that the impact of the incident is limited to a single client. ADP immediately notified the client to make the client aware of the situation, and continues to take all appropriate measures to investigate and to help mitigate any issues. ADP has also been actively cooperating with law enforcement to determine the cause of this incident and to assist authorities in identifying and apprehending those responsible. Because this incident is the subject of an ongoing law enforcement investigation, ADP cannot disclose any additional details at this time. ADP will provide further updates once information that can be made public becomes available, and we will continue to communicate with all affected parties as appropriate.

Related Reading: Understanding Web Application Security – Defending the Enterprise’s New Porous Perimeter

ADP acquired Workscape in August 2010. Workscape provides solutions including talent management, benefits administration and employee communications for hundreds of organizations and millions of workers around the world.

With nearly $9 billion in revenues and about 550,000 clients, ADP is one of the world’s largest providers of HR, payroll, tax and benefits administration solutions

Written By

For more than 15 years, Mike Lennon has been closely monitoring the threat landscape and analyzing trends in the National Security and enterprise cybersecurity space. In his role at SecurityWeek, he oversees the editorial direction of the publication and is the Director of several leading security industry conferences around the world.

Click to comment

Trending

Daily Briefing Newsletter

Subscribe to the SecurityWeek Email Briefing to stay informed on the latest threats, trends, and technology, along with insightful columns from industry experts.

Learn about active threats targeting common cloud deployments and what security teams can do to mitigate them.

Register

Join us for an in depth exploration of the critical nature of software and vendor supply chain security issues with a focus on understanding how attacks against identity infrastructure come with major cascading effects.

Register

Expert Insights

Related Content

Cybercrime

A recently disclosed vBulletin vulnerability, which had a zero-day status for roughly two days last week, was exploited in a hacker attack targeting the...

Data Breaches

LastPass DevOp engineer's home computer hacked and implanted with keylogging malware as part of a sustained cyberattack that exfiltrated corporate data from the cloud...

Incident Response

Microsoft has rolled out a preview version of Security Copilot, a ChatGPT-powered tool to help organizations automate cybersecurity tasks.

Data Breaches

GoTo said an unidentified threat actor stole encrypted backups and an encryption key for a portion of that data during a 2022 breach.

Application Security

GitHub this week announced the revocation of three certificates used for the GitHub Desktop and Atom applications.

Incident Response

Meta has developed a ten-phase cyber kill chain model that it believes will be more inclusive and more effective than the existing range of...

Cybercrime

Cloud company Rackspace has completed its investigation into the recent ransomware attack and found that the hackers did access some customer resources.