ADP Web Portal Breach: Sensitive Tax Data Targeted

May 11, 2016
Neovera Team

ADP Web Portal Breach: Sensitive Tax Data Targeted

Though the big tax season push is officially on hiatus until next year, that doesn’t stop the occurrence of malicious attacks aimed at retrieving sensitive tax data throughout the year. The most recent victims in this type of targeted attack are ADP and US Bank – two major corporations who hadn’t experienced a large scale web portal breach until now.

Both companies are rather tight-lipped regarding specifics of the web portal breach, but enough details have been obtained to create a rather unfortunate picture for each party in question. To start, it should be noted that, of ADP’s 630,000 clients serviced, only “around a dozen” were affected; one of those just happened to be a large, national bank. The 1,400 US Bank employees in question (2% of their total workforce) most likely hadn’t signed up for ADP’s online portal to access their W2 tax forms – attackers took advantage of the unclaimed, unique access codes, and, combined with personal details amassed from the Internet, weaseled into the system in a large web portal breach.

Once KrebsonSecurity broke the news, the fingers were already being pointed: ADP blamed US Bank for their lack of movement in guaranteeing every employee signed up, US Bank said that ADP should have kept a tighter lid on the unique codes provided to each employee. Let’s look at the bigger picture – with this information, had this web portal breach gone unchecked by both companies as well as the authorities, attackers would have been able to steal tax refunds next year. Combined with accurate salary information, filings with the stolen information wouldn’t raise an eyebrow with the IRS.

So, what can an employee or employee do to avoid a web portal breach, or other similar situations? Well, for employers, it’s making sure that any third party vendor – especially ones dealing with employee information or other sensitive data – not only has the necessary cybersecurity precautions in place but that they make you aware of your company’s role as well. Education and communication are vital, which brings us to the employees; know where your personal information is going, where it is stored, and what, if any, access you have to it over the Internet. Third party vendors, employers and employees all have to work together to keep their cyber environment safe from attackers; taking these steps will ensure a much smoother operation in the future.