Paytime sending letters to those affected by breach

(Harrisburg) — Paytime, a payroll company based in Upper Allen Township, Cumberland County, is sending out letters this week to employees affected by a security breach. But the initial hack happened about a month and a half ago.

Paytime has since run multiple tests of its systems, and is planning to offer one year of credit monitoring for those affected. Paytime says the delay in notifying employees is because it needed to get permission from their employers.

The breach at Paytime happened on April 7th, but didn’t get discovered until April 30th.

The information accessed by the hackers is extensive: names, Social Security Numbers, direct deposit bank account information, birth dates, home and cell phone numbers, home addresses, and more.

Chuck Davis is a computer forensics professor at Harrisburg University who has also worked at IBM as a global security operations manager.

He says employees of companies that contracted with Paytime must be frustrated.

“They didn’t make that decision. They didn’t decide to go to a restaurant and use a credit card rather than cash, or to purchase a book online from Amazon. This was the decision of their employer.”

Paytime declined to go on tape for an interview, but in a statement, apologized for the issue.

The company provides payroll services for companies and sent out about 88,000 W2s in 2012.

“When our personal data is put at risk, that could be time and money and resources, at a cost to us.”

Wayne County employees, plus those at Central Penn College, are believed to be affected by the breach.