Cyber Incident Victim: Paytime Inc.
Date:
Apr 2014
Location:
United States of America
Summary
Hackers exploited a vulnerability in a Pennsylvania payroll company's Client Service Center, compromising personal data including Social Security numbers, bank account details, and payroll information. The breach potentially affected hundreds of thousands of individuals, with specific impacts noted on county staff and college employees. Foreign-based attackers accessed systems before detection, prompting the company to engage forensic investigators, law enforcement, and implement enhanced security measures. Affected individuals received notifications and offers of credit monitoring, call center support, and identity restoration services.
| CIA Posture | Motives | Tactics, Techniques & Procedures |
|---|---|---|
| Available to members | 1 motive | 1 technique |
| Threat Actors | Type | Location |
|---|---|---|
| 0 actors | Available to members | Available to members |
Description
In April 2014, hackers exploited a vulnerability in Paytime Inc.’s Client Service Center systems, gaining unauthorized access to sensitive customer data. The Pennsylvania-based payroll company first detected the breach on April 30, though forensic analysis revealed initial intrusion occurred on April 7. Attackers accessed names, addresses, dates of birth, phone numbers, hire dates, Social Security numbers, direct deposit bank account information, wage details, and other payroll-related records. Paytime attributed the breach to skilled foreign actors based on analysis of international IP addresses used during the intrusion. While the total number of affected individuals remained initially undisclosed, Paytime’s 2012 issuance of 85,000 W2 forms suggested substantial exposure. Specific impacted groups included approximately 500 Wayne County employees and 1,000 staff members from Central Pennsylvania College.
Paytime responded by engaging third-party IT forensic experts to investigate the breach and collaborating with law enforcement agencies. The company secured all systems and implemented enhanced monitoring tools alongside new intrusion detection systems. Impact notifications were sent to affected individuals, accompanied by offers for one year of complimentary credit monitoring services, dedicated call center support, and identity restoration assistance. Subsequent regulatory filings with North Carolina authorities revised the potential impact scale to 216,274 individuals, reflecting broader exposure than initial estimates. No further unauthorized activity was detected following the implementation of upgraded security measures.