Unauthorized third party compromises payroll card company data

Share this article:

Florida-based payroll card company Paymast'r Services is sending out letters to an undisclosed number of customers who had personal information compromised in a data breach.

How many victims? Undisclosed.

What type of personal information? Names, addresses, Social Security numbers, driver's license numbers and payroll card numbers are among data that was compromised.

What happened? An unauthorized third party gained access to a website hosted by one of Paymast'r Services' partners, allowing access to personal information on Paymast'r Services' clients. The California data breach notification site lists the organization as FSV Payment Systems.

What was the response? As soon as it learned of the incident, Paymast'r Services shut down the website and opened an investigation. Affected clients are being notified of the incident by letter. The company is offering affected customers one free year of credit monitoring and identify theft protection services.

Details: The unauthorized third party gained access to the website between July 22 and July 28. Paymast'r Services does not believe that any unauthorized activity has occurred on its client payroll card accounts.

Quote: “Based on a detailed investigation, we do not believe that any unauthorized activity has occurred on your Payroll Card account. Nevertheless, we take any potential privacy matter seriously and truly regret that this has happened,” a Paymast'r Services notification letter says.

Source: oag.ca.gov, “Paymast'r Services,” Sept. 11, 2013.

Share this article:

Sign up to our newsletters

POLL

More in The Data Breach Blog

Thousands had data on computers stolen from California medical office

Bay Area Pain Medical Associates notified about 2,780 patients that their data was on computers stolen from its California offices.

Subcontractor breach impacts 1,700 in Dominion Resources employee wellness plan

About 1,700 people in the Dominion Resources employee wellness program have been notified that their data was accessed in a breach.

Document posted to California city website, employee data accessed

In California, a document posted to the City of Encinitas website contained data on hundreds of current and former city staffers.