Security Experts:

Connect with us

Hi, what are you looking for?

SecurityWeekSecurityWeek

Incident Response

ADP Experiences Security Breach

HR and Payroll outsourcing giant Automatic Data Processing, Inc., (ADP) experienced a system intrusion, that as of now, has affected one client. In an announcement this afternoon, ADP said that it was investigating and taking measures to address the impact of a system intrusion that occurred with a client at Workscape, a benefits administration provider that ADP acquired in August 2010. Though the incident is limited to a single client, ADP didn’t say if and how many records from the client may have been potentially exposed.

HR and Payroll outsourcing giant Automatic Data Processing, Inc., (ADP) experienced a system intrusion, that as of now, has affected one client. In an announcement this afternoon, ADP said that it was investigating and taking measures to address the impact of a system intrusion that occurred with a client at Workscape, a benefits administration provider that ADP acquired in August 2010. Though the incident is limited to a single client, ADP didn’t say if and how many records from the client may have been potentially exposed.

Based on early reports and information coming from ADP, the damage doesn’t appear to be significant based on claims that the intrusion was detected by the ADP security team during routine monitoring and occurred on a non-payroll platform that is no longer sold by the company.

ADP added the following in a statement released this afternoon:

Since learning of this intrusion, and based on the preliminary intelligence and information gathered to date, ADP believes that the impact of the incident is limited to a single client. ADP immediately notified the client to make the client aware of the situation, and continues to take all appropriate measures to investigate and to help mitigate any issues. ADP has also been actively cooperating with law enforcement to determine the cause of this incident and to assist authorities in identifying and apprehending those responsible. Because this incident is the subject of an ongoing law enforcement investigation, ADP cannot disclose any additional details at this time. ADP will provide further updates once information that can be made public becomes available, and we will continue to communicate with all affected parties as appropriate.

Related Reading: Understanding Web Application Security – Defending the Enterprise’s New Porous Perimeter

ADP acquired Workscape in August 2010. Workscape provides solutions including talent management, benefits administration and employee communications for hundreds of organizations and millions of workers around the world.

With nearly $9 billion in revenues and about 550,000 clients, ADP is one of the world’s largest providers of HR, payroll, tax and benefits administration solutions

Written By

For more than 10 years, Mike Lennon has been closely monitoring the threat landscape and analyzing trends in the National Security and enterprise cybersecurity space. In his role at SecurityWeek, he oversees the editorial direction of the publication and is the Director of several leading security industry conferences around the world.

Click to comment

Daily Briefing Newsletter

Subscribe to the SecurityWeek Email Briefing to stay informed on the latest threats, trends, and technology, along with insightful columns from industry experts.

Expert Insights

Related Content

Data Breaches

GoTo said an unidentified threat actor stole encrypted backups and an encryption key for a portion of that data during a 2022 breach.

Cybercrime

A recently disclosed vBulletin vulnerability, which had a zero-day status for roughly two days last week, was exploited in a hacker attack targeting the...

Incident Response

Cygnvs emerges from stealth mode with an incident response platform and $55 million in Series A funding.

Data Breaches

T-Mobile disclosed another massive data breach affecting approximately 37 million customer accounts.

Application Security

GitHub this week announced the revocation of three certificates used for the GitHub Desktop and Atom applications.

Incident Response

A new Mississippi Cyber Unit will be the state’s centralized cybersecurity threat information, mitigation and incident reporting and response center.

Cybercrime

Albanian prosecutors on Wednesday asked for the house arrest of five public employees they blame for not protecting the country from a cyberattack by...

Funding/M&A

Thoma Bravo will spend $1.3 billion to acquire Canadian software firm Magnet Forensics, expanding a push into the lucrative cybersecurity business.