P2017-ND-062

In March 2017, the Organization discovered that a third party obtained unauthorized access to the MyPay system hosted and serviced by the Organization?s third-party service provider. The system is an electronic platform that provides the Organization?s employees with web-based access to employment information and payment records through an on-line portal. The service provider investigated, and determined that a third-party accessed the online portal by manipulating the login features. The information was exposed between approximately April 2016 and March 2017. The incident was discovered during the week of March 6, 2017, when the Organization was advised by three of its employees that information stored on the online portal had been altered.

File Type: pdf
File Size: 330 KB
Categories: 2017