Edition: us
Search
Windows 10 cloud ai innovation security morenewslettersall writers
must read: huawei believes banning it from 5g will make countries insecure
Payroll firm pulls web services, citing data leak
Paymaxx shuttered additional online services this week, after a web programmer continued to find holes in the system.
robert lemos
By robert lemos | march 2, 2005 — 01:52 gmt (17:52 pst) | topic: security
0
Service provider paymaxx shuttered additional parts of its online payroll site this week, after a web programmer continued to find holes in the system.
Paymaxx's further closure of its web services comes after a web programmer, aaron greenspan, discovered that the company's initial attempt to block malicious access had fixed some flaws but left others unresolved.
While still referring to the data leak as "limited in scope," the online payroll processor closed down its payview and instant w2 services, the company said in a statement. the services will remain down until paymaxx has completed a thorough security analysis and redesigned the site's architecture.
"we have sent all clients and key partners e-mails alerting them to the situation, and we are contacting the companies we believe may have been potentially affected by the hacking," paymaxx said in a statement sent to cnet news.com.
The dispute between paymaxx and greenspan, president of web services start-up think computer and a former paymaxx customer, over the security of the company's web site continued this week. paymaxx referred to greenspan as a "hacker," while the web programmer maintained that the security problem is far worse than divulged by the payroll company.
The data leak comes at a time when several high-profile attacks have congress looking into further legislation to protect people's private information.in february, data aggregator choicepoint warned that almost 150, 000 consumer files had been compromised by scam artists who had set up fake companies to garner identity information. last week, financial services giant bank of america alerted government workers that backup tapes containing their information had gone missing.
Advertising
Greenspan said he uncovered the problem with paymaxx's web site about three weeks ago and tried to contact the company. he said paymaxx did not respond, so he posted a report detailing the flaws. that prompted paymaxx to shut down its web service for retrieving w2 information. greenspan continued to prod the site's security and discovered more vulnerabilities this weekend, he said.
Greenspan said his attempts to find flaws in the site have been motivated by protecting his own information, from when think computer was a client of paymaxx. "think had an obvious interest in seeing that the problem would be resolved properly since its own data was stored in the affected systems," he said in an e-mail interview.
Are you a changemaker?
T-mobile is looking for young visionaries with big ideas. join the challenge.
Sponsored by t-mobile
Paymaxx does not agree. the web programmer has been far too intent on poking holes in the company's systems and has "numerous inaccuracies" in his report, paymaxx said in a statement. the company did not specify which parts of his report were incorrect.
"we believe the hacker has violated federal law and we will take whatever action is necessary to protect the interests of our clients and our company," the company said.
Paymaxx has contracted an outside security company to test its web applications' security and has ordered additional hardware and software to better detect intrusions, paymaxx said in a statement.
Related topics: enterprise software security tv data management cxo data centers
0
By taboolasponsored links
Recommended for you
$699 average annual savings for drivers who switch and save.
Progressive
9 reasons this electric toothbrush is worth all the hype
Quip
Forget robots, 5g and electric cars - this is the next big thing
Trademaker
show comments
More from robert lemos
Enterprise software
Congress and tech: little to show
Security
Melissa's long gone, but lessons remain
Banking
Banks ordered to tell customers about breaches
Enterprise software
Mozilla fixes risky firefox flaw
Newsletters
Zdnet security
Your weekly update on security around the globe, featuring research, threats, and more.
subscribe
See
All
More resources
White paper: not all background checks are created equal
Ebooks from evident id
read now
On demand webcast - exposed & at risk
Webcasts from threatx
watch now
Netscout - visibility without borders
Research from netscout
read now
Related stories
1 of 3
You may not know you are doing something illegal online
Despite fake names being illegal, almost eight in 10 americans do not care and plan to continue using a fake name on the internet.
Firefox 69 is out: flash squeezed out, tracking protection on by default
Firefox 69 brings its enhanced tracking protection to all 100 million firefox users.
Over 47, 000 supermicro servers are exposing bmc ports on the internet
Researchers discovered a new remote attack vector on supermicro servers that are exposing their bmc port over the internet. patches are available.
Here's what you need to know about uefi firmware
Linux on your laptop
Here's what you need to know about uefi firmware
Plus
Raspberry pi 4 & raspbian: 2 months in, what i've learned so far
From linux to cloud, why red hat matters for every enterprise
The linux desktop's last, best shot
How mulesoft patched a critical security flaw and avoided a disaster
How mulesoft patched a critical security flaw and avoided a disaster
Security matters files patent for plant tracking
Cannabis on a blockchain
Security matters files patent for plant tracking
Samsung preps another foldable device as tech tries to rekindle gadget lust
For 2020
Samsung preps another foldable device as tech tries to rekindle gadget lust
Just in
It budgets 2020: how the money will be spent, and who will spend it
19 minutes ago
You may not know you are doing something illegal online
22 minutes ago
Industry calls for joint participation to cement australia's digital future
26 minutes ago
Firefox 69 is out: flash squeezed out, tracking protection on by default
31 minutes ago
Eu turns from american public clouds to nextcloud private clouds
40 minutes ago
Will apple tv+ be worth it? here are three full trailers to help you decide
54 minutes ago
Tech budgets 2020: a cxo's guide
55 minutes ago
Research: 2020 it budgets increase as priorities grow
56 minutes ago
Today on zdnet
special feature
The industry cloud: why it's next
Free pdf download: tech budgets 2020, a cxo's guide
What do business leaders need to know about planning their upcoming it budgets? find out by downloading the free pdf ebook version of a special report from zdnet and techrepublic.
57 minutes ago by melanie wolkoff wachsman in cxo
New us-poland 5g pact: will it help loosen huawei's grip on europe?
The 5g agreement between the us and poland comes amid a worsening trade war with china.
1 hour ago by bojan stojkovski in mobility
Samsung preps another foldable device that folds into a square for 2020 as tech tries to rekindle gadget lust
Samsung gives you another reason to hold off on those 2019 smartphone upgrades.
2 hours ago by larry dignan in 5g
How mit is trying to resolve ai bias
Tonya hall talks with dr. aleksander madry, associate professor of computer science at mit, about what is being done to resolve bias and error in computer vision algorithms.
2 hours ago by tonya hall in artificial intelligence
Huawei to doj: we didn't steal smartphone camera patent
Huawei has rejected claims it ripped off an inventor's camera design.
2 hours ago by liam tung in mobility
Video
Part galaxy, part google, part iphone: what would your dream phone look like?
Transforming robot will mow fields, shovel snow
Taking a page from irobot's playbook, this robotics firm developed an automated groundskeeper.
3 hours ago by greg nichols in robotics
2020 it budget research report: security, cloud services, and digitalization are top budget priorities
2020 it budget research report: security, cloud services, and digitalization are top budget priorities
Companies increasingly respond to new business conditions with their technology spends, and nowhere is this more apparent than in their it budgets. where exactly businesses plan to spend their...
From techrepublic premium
Are consumers snubbing flagship phones in favor of mid-range handsets? looks like it
Enthusiasm for pricey flagship handsets is declining as once-premium features appear on cheaper phones. samsung and huawei climb as apple slides.
3 hours ago by zdnet editors in 5g
Samsung's galaxy a90 lands: new phone brings 5g's faster speeds to the mid-range
Samsung unveils its top galaxy a series smartphone, the galaxy a90 5g.
4 hours ago by liam tung in 5g
Over 47, 000 supermicro servers are exposing bmc ports on the internet
Researchers discovered a new remote attack vector on supermicro servers that are exposing their bmc port over the internet. patches are available.
4 hours ago by catalin cimpanu in security
Linux on your laptop: here's what you need to know about uefi firmware
Understanding uefi firmware, and the linux utilities to manage it, can save you a lot of time and trouble.
5 hours ago by j.a. watson in linux
Gallery
How microsoft lost its monopoly in web browsers
Load more
By taboolasponsored links
Recommended for you
The genius trick every bed bath & beyond shopper should know
Wikibuy
The worst breeds to adopt according to veterinarians
Livestly
Look closer... unedited photos captured in nature
History daily
Newsletters
Zdnet week in review - us
A weekly summary of the news that matters in business technology.
subscribe
See
All
Article
Windows 10 update: the complete guide for businesses of every size
Tech budgets 2020: a cxo's guide
How mit is trying to resolve ai bias
Are consumers snubbing flagship phones in favor of mid-range handsets? looks like it
Hong kong isps oppose any government plans to restrict internet network
Canberra to create cyber and ip taskforce to protect unis from foreign interference
Farmbot delivering remote watering solutions to aussie farmers
Article
Top cloud providers 2019: aws, microsoft azure, google cloud; ibm makes hybrid move
Wyndham hotels & resorts tackled technical debt, cloud, hybrid cloud in a hurry [cloud tv]
Hsbc charts out its move to the cloud [cloud tv]
How brinker international thinks through cloud, data, apple ipads [cloud tv]
Why security is the top barrier in enterprise cloud adoption [hybrid cloud tv]
How new belgium brewing evaluated managed vs. private cloud [hybrid cloud tv]
With red hat, ibm to become the leading hybrid cloud provider
More resources
How to solve the enterprise communications crisis with an open cloud strategy
White papers from 8x8, inc.
read now
The it architects guide to file gateway consolidation
White papers from ibm
read now
How to build a successful cio career (free pdf)
Ebooks from techrepublic
read now
It budgeting: how to do it right (free pdf)
Ebooks from techrepublic
read now
Zdnet
Connect with us
© 2019 cbs interactive. all rights reserved. privacy policy | cookies | ad choice | advertise | terms of use | mobile user agreement
Visit other cbs interactive sites:
Topics
All authors
Galleries
Videos
Sponsored narratives
About zdnet
Meet the team
Site map
Rss feeds
Reprint policy
Join | log in | membership
Newsletters
Site assistance
Zdnet academy
Techrepublic forums
Add your opinion