Unauthorized third party compromises payroll card company data

Share this article:

Florida-based payroll card company Paymast'r Services is sending out letters to an undisclosed number of customers who had personal information compromised in a data breach.

How many victims? Undisclosed.

What type of personal information? Names, addresses, Social Security numbers, driver's license numbers and payroll card numbers are among data that was compromised.

What happened? An unauthorized third party gained access to a website hosted by one of Paymast'r Services' partners, allowing access to personal information on Paymast'r Services' clients. The California data breach notification site lists the organization as FSV Payment Systems.

What was the response? As soon as it learned of the incident, Paymast'r Services shut down the website and opened an investigation. Affected clients are being notified of the incident by letter. The company is offering affected customers one free year of credit monitoring and identify theft protection services.

Details: The unauthorized third party gained access to the website between July 22 and July 28. Paymast'r Services does not believe that any unauthorized activity has occurred on its client payroll card accounts.

Quote: “Based on a detailed investigation, we do not believe that any unauthorized activity has occurred on your Payroll Card account. Nevertheless, we take any potential privacy matter seriously and truly regret that this has happened,” a Paymast'r Services notification letter says.

Source: oag.ca.gov, “Paymast'r Services,” Sept. 11, 2013.

Share this article:
You must be a registered member of SC Magazine to post a comment.

Sign up to our newsletters

POLL

More in The Data Breach Blog

Florida medical center hit with breach for third time in two years

Aventura Hospital and Medical Center has reported a data breach for the third time in two years.

Tampa General Hospital breach impacts hundreds of patients

Tampa General Hospital is notifying 675 patients that their personal information may have been accessed, without authorization, by a former employee.

George Mason University travel system targeted for malware attack

The incident could have exposed the names and Social Security numbers of users, although no evidence has surfaced to suggest that's the case.