Neurocare, Inc. has been notifying some employees after one of their systems was infected by malware and the criminals acquired the firm’s login credentials to its payroll processor account. The credentials were then used to re-route direct deposits for some employees to other accounts.
The scheme was foiled because Neurocare’s unnamed payment processor detected an unusual number (17) of change requests and notified Neurocare promptly. The processor was able to reverse any transactions before they went through, so no money was lost. The IPs of the attackers were provided to the firm by the processor.
Payment processors have gotten bad press at times over their failures. It’s a shame that Neurocare didn’t name this payment processor in their report to the New Hampshire Attorney General’s Office so that they could get some positive coverage.