Paytime breach may affect 233,000

(Harrisburg) — Cumberland County-based Paytime says as many as 233,000 people may be affected by a data breach.

The payroll processor distributed about 88,000 W-2’s in 2012, but says in a filing with the North Carolina Attorney General that dependents and spouses information may have also been accessed.

“You can’t just have a firewall, you need to have multiple firewalls. And then you also need to have things like intrusion detection systems, DLP or data loss protection systems. There’s a lot of tools out there that provide the instant, up to the minute protection of your data,” says Chuck Davis, computer forensics professor at Harrisburg University.

But finding out who actually has the personal information can be awfully difficult.

The company has maintained the hack came from a foreign IP address.[An IP address is essentially the home address for your computer.]

To Chuck Davis, that doesn’t mean much.

“It makes it very difficult to track them down. They could be here in central Pennsylvania, they could be in Europe, they could be in Asia. Wherever they are, my guess is that the IP addresses where the attacks came from weren’t actually their IP address.”

Davis says it’s fairly simple to obtain an IP address from another country, and route the attack that way.

He says by hiding where the attack is truly coming from, it can also make it difficult to find the hackers.

In a statement, Paytime says it continues to respond to the breach, and is working to develop a thorough report.

The full statement from Paytime:

“Paytime wishes to express appreciation to our customers for their patience as we continue to respond to our recent IT security incident, to answer their questions, and to maintain our focus on providing them the best possible services. On April 30, 2014, Paytime discovered a compromise of user names and passwords related to our Client Service Center. We disabled the Client Service Center, thereby preventing further unauthorized access. We are working closely with third party forensics experts, as well as law enforcement, to develop accurate and thorough information about this incident.

“While our investigation and that of law enforcement are ongoing, we can report that approximately 233,000 individuals are potentially affected by this incident. While the vast majority of the affected individuals reside in Pennsylvania, there are affected individuals in almost all 50 states. Paytime has notified all affected customers about this incident and has provided notice to affected individuals, state regulators and consumer reporting agencies. To assist these individuals in safeguarding their personal information, Paytime is offering 12 months of access to credit monitoring and identity restoration services at no cost to the affected individuals. All enrollees are eligible for AllClearID’s long-term protection program. This added coverage is at no cost to the affected individuals and can be extended indefinitely. Paytime is also providing guidance on other means of monitoring personal information in its communications to the affected individuals.

“The security measures we have put into place include intrusion detection and monitoring systems. The security of our systems and our customers’ information is our priority, as we strive every day to earn the trust and confidence of every Paytime customer.”