Criminals are hacking payroll payment processing systems to divert payments – and the right comprehensive Cyber Risk Insurance policy is essential to ensure financial protection. Payroll processing is a primary target for cyber criminals because payroll systems are so widespread and their security is sometimes weak. With access to a payroll processing system, cyber criminals can divert payments to a bank account they control.
And it is not that difficult. By gaining access to the right employee's email, typically through phishing attacks, the hacker can get into the company’s payroll system. For example, a hacker can use access to the payroll system administrator’s email account to request a password reset for the login to the payroll system. With access, the criminal can change the deposit settings to divert the electronic deposits to the hacker’s own account.
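The sequence described above, a password reset on a payroll account followed by changes to deposit settings, can be watched for in the payroll system's audit trail. The following is an added example, not code from the original article; the event names, field layout and sample log entries are constructed assumptions and do not reflect any real payroll product's log format.

```python
from datetime import datetime, timedelta

# Constructed audit events (hypothetical format): timestamp, user, action, detail
SAMPLE_EVENTS = [
    ("2018-03-01T09:02:00", "padmin", "password_reset_requested", "via email link"),
    ("2018-03-01T09:05:00", "padmin", "login", "new device"),
    ("2018-03-01T09:11:00", "padmin", "deposit_account_changed", "employee=1041"),
    ("2018-03-01T09:12:00", "padmin", "deposit_account_changed", "employee=1077"),
    ("2018-03-02T14:00:00", "jsmith", "deposit_account_changed", "employee=2210"),
    ("2018-03-05T08:00:00", "hr_lee", "password_reset_requested", "via email link"),
    ("2018-03-09T10:00:00", "hr_lee", "deposit_account_changed", "employee=3001"),
]


def flag_reset_then_deposit_change(events, window=timedelta(hours=24)):
    """Return deposit changes made by an account within `window` of its password reset."""
    last_reset = {}   # user -> time of that user's most recent password reset
    flagged = []
    # ISO 8601 timestamps sort chronologically as strings
    for ts, user, action, detail in sorted(events):
        when = datetime.fromisoformat(ts)
        if action == "password_reset_requested":
            last_reset[user] = when
        elif action == "deposit_account_changed":
            reset_at = last_reset.get(user)
            if reset_at is not None and when - reset_at <= window:
                flagged.append({
                    "user": user,
                    "changed_at": ts,
                    "detail": detail,
                    "minutes_after_reset": int((when - reset_at).total_seconds() // 60),
                })
    return flagged


if __name__ == "__main__":
    for hit in flag_reset_then_deposit_change(SAMPLE_EVENTS):
        print(hit)
```

Flagged changes are candidates for out-of-band confirmation with the affected employees before the next payroll run.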
Cyber criminals have many options, and can target payroll processors, employers, and the employees themselves. For example, a payroll system attack victimized the Anne Arundel County Public Schools. Using hacked user credentials, paychecks for 36 employees were redirected to other accounts, resulting in a loss of $57,000.
A similar attack on the Atlanta Public School system occurred in September 2017. Cyber criminals obtained user credentials and diverted payroll payments for 27 school system employees totaling $56,459.
In another variation, cyber criminals added 100 payee accounts to the Chelan County Hospital No. 1 payroll system and, in a series of transactions, stole approximately $1.0 million.
Payroll processors are more sophisticated and challenging targets, but are also more lucrative, and have been under attack for years. In a sophisticated attack, hackers accessed the payment processing system of RBS WorldPay, a payment processor located in Atlanta, and used a debit card payroll process to steal approximately $9 million:
Once they compromised the encryption, the hackers raised the balances and ATM withdrawal limits on compromised accounts, and provided a network of lead “cashers” with 44 debit card account numbers and their associated PINs, which were used to withdraw more than $9 million from over 2,100 ATMs in at least 280 cities worldwide, including cities in the United States, Russia, Ukraine, Estonia, Italy, Hong Kong, Japan, and Canada. The $9 million loss occurred within a span of less than 12 hours on November 8, 2008.
Payroll processing companies and employers are particularly vulnerable to payroll payment cyber crime, and strong security is essential to protect payroll transactions. In addition to strong security, comprehensive Cyber Risk Insurance (also called Data Breach, Privacy and Network Security insurance coverage) is an important financial protection against hacking attacks. Coverages vary widely, but comprehensive Cyber Risk Insurance policy forms responding to cyber crime losses are available.
Tennant Risk Services is a specialty wholesale broker and underwriting manager, and delivers expertise, markets and exemplary services to our retail insurance agent clients in the placement of professional liability and specialty insurance (E&O, D&O, EPL, Cyber Risk, Specialty). Cyber Risk Insurance is our specialty, and we excel at hard to place accounts.
Content © Tennant Risk Services Insurance Agency, LLC, 2005 - 2018 | All Rights Reserved.