Breach, Data Security, Vulnerability Management

Unauthorized third party compromises payroll card company data

Florida-based payroll card company Paymast'r Services is sending out letters to an undisclosed number of customers who had personal information compromised in a data breach.

How many victims? Undisclosed.

What type of personal information? Names, addresses, Social Security numbers, driver's license numbers and payroll card numbers are among data that was compromised.

What happened? An unauthorized third party gained access to a website hosted by one of Paymast'r Services' partners, allowing access to personal information on Paymast'r Services' clients. The California data breach notification site lists the organization as FSV Payment Systems.

What was the response? As soon as it learned of the incident, Paymast'r Services shut down the website and opened an investigation. Affected clients are being notified of the incident by letter. The company is offering affected customers one free year of credit monitoring and identify theft protection services.

Details: The unauthorized third party gained access to the website between July 22 and July 28. Paymast'r Services does not believe that any unauthorized activity has occurred on its client payroll card accounts.

Quote: “Based on a detailed investigation, we do not believe that any unauthorized activity has occurred on your Payroll Card account. Nevertheless, we take any potential privacy matter seriously and truly regret that this has happened,” a Paymast'r Services notification letter says.

Source: oag.ca.gov, “Paymast'r Services,” Sept. 11, 2013.

Get daily email updates

SC Media's daily must-read of the most current and pressing daily news

By clicking the Subscribe button below, you agree to SC Media Terms and Conditions and Privacy Policy.