State Investigating Payroll-Related Cyberattack
Individual Created Fake Website Resembling Portal For Mass. Workers
Officials are investigating an apparent cyberattack that led to “unauthorized access” to some state employees’ online payroll account and direct deposit information.
Comptroller William McNamara’s office said someone created a fake website resembling the”Self-Service Time and Attendance,” or SSTA portal for Massachusetts workers.
An unspecified number of employees used the spoofed version of the site, “allowing for unauthorized access to their user account and direct deposit information,” McNamara’s office said.
“There is no evidence indicating any compromise of the full system. The compromised accounts are the result of user error entering their credentials into a spoofed website,” the comptroller’s office wrote in a post Wednesday evening explaining the situation. “Please note that all potentially impacted employees have been contacted.”
Michael Sangalang, a spokesperson for the comptroller’s office, said Thursday morning it’s not clear how many employees were affected.
“Many of the recent direct deposit changes were in fact legitimate requests; we are still working to determine how many were legitimate and how many were unauthorized,” Sangalang said.
Employees known to be affected by the breach will receive a paper check, not direct deposit, for the current pay cycle, which will continue on time. Some workers who made a change to their direct deposit information between Oct. 1 and Oct. 8 will receive a paper check “out of an abundance of caution,” McNamara’s office said.
Workers can confirm their direct deposit information remains accurate in the HR/CMS portal. Anyone who receives notice of unauthorized information change should contact their payroll department, or the MassHR Employee Service Center at (617) 979-8500 or MassHREmployeeServiceCenter@mass.gov.