Payroll Partner Blunder: Broadcom Employee Data Leaked in BSH Breach
A payroll partner’s ransomware disaster turns into a full-blown headache for Broadcom, with employee info leaked online. The Broadcom payroll data breach serves as a painful reminder that your vendors’ mistakes can become your biggest security nightmares.
Editor's note:
The source article was updated shortly after publication to correctly state that BSH is a business partner of payroll company ADP, and not a subsidiary of ADP as first reported. The Nerd's updated take is below!Editor’s note: The source article was updated shortly after publication to correctly state that BSH is a business partner of payroll company ADP, and not a subsidiary of ADP as first reported. The Nerd’s updated take is below!
Hot Take:
When your payroll provider’s business partner gets hacked and your employee data winds up on a ransomware gang’s blog, it’s time to revisit the old saying: “You had one job!” This incident reads like a corporate cybersecurity trust fall—with no one catching anyone. Broadcom employees didn’t sign up for this identity theft lottery, but here we are. Somewhere, El Dorado is laughing in Russian.
Key Points:
- Broadcom employee data was exposed after a ransomware attack on payroll vendor BSH, a Middle East partner of ADP.
- El Dorado, a rising ransomware gang possibly linked to BlackLock, claimed credit for the breach.
- Leaked data includes national IDs, health insurance info, salaries, and more.
- ADP insists its systems were not compromised and no ransom was paid by them or BSH.
- The attack highlights the dangers of third-party vendor vulnerabilities in cybersecurity chains.
Already a member? Log in here