ADP Data Used In US Bank Employee W-2 Breach

Online hitch allows thieves to register fraudulently on payroll vendor portal.

Some customers of payroll processing provider ADP had unauthorized accounts created on ADPs portal in their names by thieves using stolen data, and their W-2 data compromised, reports KrebsOnSecurity. This leaves them exposed to the risk of tax returns being filed fraudulently in their names.
The breach was discovered last month by ADP client US Bank, which said that a small population of its 64,000 employees had its tax and salary data stolen from the payroll vendor portal.
To register on ADP, clients provide employees the company-specific link from ADP, and a company code. KrebsOnSecurity says unregistered employee accounts have been used by thieves to sign in with personal details of the employee, and siphon W-2 information.
This process is flawed because the code is posted by ADP customers on an unsecured online page; ADP has now disabled access to the registration portal for those clients found to be publishing the sign-up link and code online.
Read full story at
KrebsOnSecurity
.

Last News
▸ ArcSight prepares for future at user conference post HP acquisition. ◂ Discovered: 07/01/2025 Category: security	▸ Samsung Epic 4G: First To Use Media Hub ◂ Discovered: 07/01/2025 Category: security	▸ Many third-party software fails security tests ◂ Discovered: 07/01/2025 Category: security

**Cyber Security Categories**
Google Dorks Database	Exploits Vulnerability	Exploit Shellcodes

CVE List

Tools/Apps

News/Aarticles

Phishing Database

Deepfake Detection

Trends/Statistics & Live Infos

Tags:
ADP Data Used In US Bank Employee W-2 Breach