State employees fooled by a fake payroll website farming their data

State employees fooled by a fake payroll website farming their data

Briefly

The Office of the Comptroller is investigating a "credential harvesting campaign" that involved the state's employee self-service time and attendance system, resulting in compromised personal data.

Boston.comhttps://www.boston.com/news/local-news/2024/10/10/state-employees-fooled-by-a-fake-payroll-website-farming-their-data/

Michael Sangalang, chief communications officer for the comptroller, stated, "We are still trying to determine how many employees were affected... Many recent direct deposit account changes were in fact legitimate..."

Boston.comhttps://www.boston.com/news/local-news/2024/10/10/state-employees-fooled-by-a-fake-payroll-website-farming-their-data/

The state has alerted all potentially impacted employees, and various departments will issue paper checks to those with recent direct deposit changes as a precaution.

Boston.comhttps://www.boston.com/news/local-news/2024/10/10/state-employees-fooled-by-a-fake-payroll-website-farming-their-data/

Despite the cyberattack, the state assures employees that payroll will not be affected and emphasizes that the official timekeeping system remains intact.

Boston.comhttps://www.boston.com/news/local-news/2024/10/10/state-employees-fooled-by-a-fake-payroll-website-farming-their-data/