Financial Data Leaked From Consulting, Payroll & HR Companies

By   ISBuzz Team
Writer , Information Security Buzz | Dec 14, 2014 05:03 pm PST

Banks and retail organizations aren’t the only targets when it comes to stolen financial information. Other third-party consultants and business service providers deal with the same type of data, and criminals know it.

In the recent massive Sony Pictures Entertainment hack now being investigated by FBI, not only was internal financial information leaked online, but the salary information of over 30,000 Deloitte employees that worked within the tax, consulting and auditing branches of the company from as far back as 2005 was also compromised.

Free eBook: Modern Retail Security Risk – Get your copy now.

According to, the data was one of many documents that belonged to a Sony employee who worked in human resources and who had previously worked at Deloitte. (Apparently, they had saved some interesting HR files from their tenure.)

Deloitte, one of the largest consulting firms in the world that provides audit, tax, risk and financial advisory services, has needless to say a ton of financial data on thousands of enterprise companies. Although they weren’t hacked per se, any internal information about the company that is leaked is bad news.

Payroll Companies Breached

Another report of an intrusion comes from the specialized payroll company, American Residuals and Talent (ART Payroll), that services the advertising, entertainment, and events production industry, including members of the Screen Actors Guild-American Federation of Television and Radio Artists, according to the

ART Payroll recently reported an intrusion after detecting an unauthorized login to their web application. Data accessed includes client names, Social Security numbers, addresses, bank account information, date of birth and email addresses.

To learn about how payroll and HR data is stolen for the purposes of tax fraud, please read the rest of this article on Duo Security’s blog here.

By Thu Pham, Information Security Journalist, Duo Security | @Thu_Duo

thu_phamBio: Thu Pham covers current events in the tech industry with a focus on information security. Prior to joining Duo, Thu covered security and compliance for the infrastructure as a service (IaaS) industry at Online Tech. Based in Ann Arbor, Michigan, she earned her BS in Journalism from Central Michigan University.


About Duo Security

Duo-SecurityDuo Security is on a mission to provide advanced security solutions for organizations of all sizes. Duo’s innovative technology protects users, data and applications from credential theft and breaches with a focus on streamlined usability. The company was co-founded by CEO Dug Song, a major contributor to the security community, and CTO Jon Oberheide, expert cloud, mobile, and malware security researcher.