Hackers Target Payroll Processing to Steal Money

A desktop computer of Regeneron Pharmaceuticals (a drug maker based in Tarrytown, New York) was hacked by criminals. They redirected funds to steal money using the company's account on its third party payroll system managed by Ceridian, as reported by Bloomberg Businessweek on August 5, 2010.

According to the reports, the hacking took place around June 18 2010. Hackers used some form of malware to hack in and succeeded to get the employee's user names and passwords and used the Ceridian system.

In bank fraud incidents, the hackers normally add a number of new payees to a company's payrolls and try to pay them off at the earliest. In the case of Regeneron hack, the matter went other way. The hacker tried to redirect the payments of nine employees, who were getting direct deposit payments, to fraudulent accounts.

The particular attack did not work out, but it showed that criminals might have found a new target. In fact, criminals make millions by computer hacking and initiating fraudulent bank transfers.

As per the reports, the company is forwarding breach notification letters to all current and ex employees who had their data in the Ceridian system. Regeneron has taken steps to prevent such incidents.

Grossman, Vice President of Human Resources, Regeneron, commented that they informed the affected employees immediately and blocked the fake direct deposit accounts prior to the diversion of any payroll funds. He further added about the criminals that they did not know much about their activities, as reported by Bloomberg Businessweek on August 5, 2010.

Commenting on the issue, Avvivah Litan, a Gartner analyst who covers financial fraud, said that such type of payroll system attack might be more widespread than most of the people could realize, according to the news published by Bloomberg businessweek on August 6, 2010. Investigators claim that hackers somehow corrupt the payroll files used by banks to process employee payments.

This is not the first time when hackers have taken control of the Ceridian payroll system. In December 2009, someone infiltrated into the company's powerpay web-based portal and captured 27,000 customers' records and details such as birth dates, names, bank account details and Social Security numbers. As per the news reports, the breach affected 1,900 companies.

Related article: Hackers Redirect Windows Live Search to Malicious Sites

» SPAMfighter News - 8/14/2010