Payroll Security Breaches

Emily Kuhnert February 27, 2020
computer screen with code

We’ve created a list of recorded payroll specific security breaches to enable companies and public bodies understand the kind of payroll vulnerabilities they should be looking out for.


In 2016, payroll provider ADP was targeted by identity thieves who were able to steal payroll data as well as W-2 forms by registering employee names to gain access to a portal containing sensitive data. An undisclosed number of people were affected.


Between June and October 2018, Centerstone Insurance and Financial Services, operating under the name BenefitMall, a payroll and benefits provider, fell victim to a phishing attack which exposed over 111,000 individuals’ private data to hackers.  Information that was hacked included names, social security numbers, bank account details, date of birth, and addresses.


Between November 2018 and January 2019, KPMG Mexico, a payroll service provider exposed payroll data for 41 of their clients due to their information being stored in an insecure database.  The data became available online and accessible without any security checks or password protections.  Leaked data included federal taxpayer registry codes, social security numbers, bank account details, and salary information.

City of Tallahassee

In April 2019, nearly $500,000 was diverted from the City of Tallahassee’s payroll after a cyberattack that resulted in employees realizing they were not paid their monthly salaries. The hackers managed to infiltrate the state’s payroll provider and redirect employee payments to a foreign bank account.


Back in November 2019, a car was broken into and payroll data from 29,000 current and former Facebook employees was stolen from a hard drive.  Personal data including name, bank account details, and the last 4 digits of the employees’ social security number were taken.

Meadville Medical Center

In January 2020, the Meadville Medical Center in Pennsylvania had a security breach with their payroll system which resulted in unauthorized exposure of employee personal data and their dependents’ personal information.

With payroll seen more and more as an operational security weak point its vital to keep your workforce data secure from cyber criminals.

Papaya’s automated, cloud-based SaaS platform is ISO/27001 certified and SOC compliant, and includes Papaya Personal, a special portal for employees, workers, and contractors. All data is encrypted and is transferred through secure cloud-based channels, not email.

Phoenix Pay System

In February 2020 more than 69,000 Canadian federal employees became victims of a privacy breach after their personal information was emailed to the wrong people.

To fix problem of over payments by the federal government’s payroll system  – Phoenix Pay – the Public Services and Procurement Canada sent departmental heads of human resources and chief financial officers reports every two weeks listing employee over payments. A report naming 69,087 public servants including their personal and banking details was accidentally emailed to the wrong federal departments.

Papaya Global payroll platform lets you:

  • Automate payroll with zero processing errors
  • Manage global payroll, PEO & contractors via one platform
  • Make cross-border payments in 100+ countries