FedEx Smartpost (FXG), a subsidiary of FedEx Ground Package System, was affected by the ADP/Workscape breach reported a few weeks. At the time, ADP had indicated that the intrusion affecting Workscape only affected one client as far as they knew. FXG appears to be that client.
According to a letter sent by FXG’s lawyers to the New Hampshire Attorney General’s Office on June 24, a human resources database system administered by Workscape had a vulnerability from May 3 through June 6. As a result of the vulnerability, some employees’ names, addresses, Social Security Numbers and bank direct deposit account information may have been exposed.
FXG indicated that they became aware of the vulnerability on June 7 and disabled the Workscape application the following day.
Two New Hampshire residents were being notified of the vulnerability, but the total number affected was not disclosed in the notification.
Gee, isn’t it remarkable how this breach changed nature. At first ADP said there was no personal information on “the platform.” Very commendable of FXG to come forward with a full statement, something that ADP should have done since they were at fault.