Second PayChoice breach in one month

Posted by Caitlin on October 19th, 2009

Earlier this month, PayChoice, a payroll processing firm, was breached by hackers. Last week, PayChoice was hacked yet again. The last hack was unusually complex, involving a data breach, phishing emails, malicious websites, and a Trojan horse. The latest attack hinged on a security vulnerability in PayChoice's online portal, OnlineEmployer.com. It appears as though hackers have exploited this vulnerability in order to steal customers' usernames and passwords. The stolen credentials were then used to add fictitious employees to customers' payrolls, in an attempt to have recurring payments made to fraudulent bank accounts.

PayChoice is a leader in the payroll services and software industry, with over 125,000 business customers. It shouldn't come as a surprise that hackers have targeted a company that facilitates so many financial transactions. But what is surprising is the hackers' persistance and creativity.

To defend yourself from cybercriminals, be sure to install Internet security software, and set it to update automatically. Since the end goal of the most nefarious attacks is usually the theft of personal information that can be used to open fraudulent accounts, you might also consider investing in identity theft protection, which is designed to prevent fraudulent accounts from being opened in your name.