I THINK from reading all the stuff on this….the ADP accounts that were found were the accounts of customers…who log into the ADP portal to process their payroll using owned machines. I think it is all the same thing, users installing key loggers on their boxes.
To quote my good friend Boris: ‘Stop clicking on sh*t’. From: [email protected] [mailto:[email protected]] On Behalf Of Kurt Buff Sent: Thursday, December 5, 2013 3:52 PM To: [email protected] Subject: Re: [NTSysADM] Gmail, Twitter, Facebook Linkedin Massive account breach Nice. Thanks for that. Doesn't mean that companies using ADP are safe, though - if ADP's internal accounts are the problem, well, ADP has a really big problem. Kurt On Thu, Dec 5, 2013 at 10:10 AM, Kennedy, Jim <[email protected]<mailto:[email protected]>> wrote: Check your ownage here: https://pwnedlist.com/query From: [email protected]<mailto:[email protected]> [mailto:[email protected]<mailto:[email protected]>] On Behalf Of Kurt Buff Sent: Thursday, December 5, 2013 12:20 PM To: [email protected]<mailto:[email protected]> Subject: Re: [NTSysADM] Gmail, Twitter, Facebook Linkedin Massive account breach Even better, passwords from ADP were found on the same server... http://news.techworld.com/security/3492120/logins-stolen-from-facebook-google-adp-payroll-processor/ On Thu, Dec 5, 2013 at 8:45 AM, Ziots, Edward <[email protected]<mailto:[email protected]>> wrote: http://money.cnn.com/2013/12/04/technology/security/passwords-stolen/index.html Note: This was due to keylogging software installed on a ton of systems, which wasn’t a direct breach of these companies but just underscored how poorly the common computer is secured, but everyone wants to do banking, etc etc on there. Edward E. Ziots, CISSP, CISA, Security +, Network + Security Engineer Lifespan Organization [email protected]<mailto:[email protected]> Work:401-255-2497<tel:401-255-2497> This electronic message and any attachments may be privileged and confidential and protected from disclosure. If you are reading this message, but are not the intended recipient, nor an employee or agent responsible for delivering this message to the intended recipient, you are hereby notified that you are strictly prohibited from copying, printing, forwarding or otherwise disseminating this communication. If you have received this communication in error, please immediately notify the sender by replying to the message. Then, delete the message from your computer. Thank you. [Description: Description: Lifespan]
<<inline: image001.jpg>>
