Oh ho…. this explains the confusion created by a recent breach report by Regeneron to the New Hampshire Attorney General’s Office. I had been wondering why Regeneron was claiming that they had first found out about a breach involving Ceridian in June when Ceridian had claimed back in February that everyone was notified. I had even called Ceridian last week to ask about Regeneron’s report, but despite their promise to get back to me, they never did. Now I understand why. It appears that what Regeneron was talking about was not the Ceridian breach we knew about in February, but a new breach — this one of Regeneron — that attempted to steal or divert funds by using Regeneron’s credentials to access their payroll account with Ceridian. Robert McMillan reports:
… In what may be a troubling sign of things to come, criminals recently hacked into a desktop computer belonging to Regeneron Pharmaceuticals and tried to steal money by redirecting funds using Regeneron’s account on the company’s third-party payroll system, operated by Ceridian.
The attack didn’t work, but it shows that criminals, who have been making millions of dollars by hacking into computers and initiating fraudulent bank transfers, may have found a new target.
The hacking happened sometime around June 18, said Ross Grossman, vice president of human resources with Regeneron, a 1,200-employee drugmaker based in Tarrytown, New York. “Someone using some kind of malware was able to hack in and get the user name and password of one of our employees and use the Ceridian system,” he said in an interview.
Read more on Computerworld.