MYOB automated payroll program accidentally emailed 220 individual payment summaries to the wrong people.
The automated payroll function suffered a glitch that forced the vendor to shut down access during the extremely-busy end of the financial year period.
A small number of people received incorrect payment summaries sent between 1 June and midday 28 June 2019 according to the company.
The investigation has since revealed 220 individual payment summaries went to the incorrect person.
Source: https://www.itnews.com.au/news/myob-in-payslip-privacy-bungle-527720
TPRM report: https://scoringcyber.rankiteo.com/company/myob
"id": "myo23162423",
"linkid": "myob",
"type": "Data Leak",
"date": "07/2019",
"severity": "50",
"impact": "2",
"explanation": "Attack limited on finance or reputation"{'affected_entities': [{'customers_affected': 220,
'industry': 'Technology',
'name': 'MYOB',
'type': 'Software Vendor'}],
'attack_vector': 'Misconfiguration',
'data_breach': {'number_of_records_exposed': 220,
'sensitivity_of_data': 'High',
'type_of_data_compromised': 'Payment Summaries'},
'date_detected': '2019-06-01',
'description': 'MYOB automated payroll program accidentally emailed 220 '
'individual payment summaries to the wrong people. The '
'automated payroll function suffered a glitch that forced the '
'vendor to shut down access during the extremely-busy end of '
'the financial year period. A small number of people received '
'incorrect payment summaries sent between 1 June and midday 28 '
'June 2019 according to the company. The investigation has '
'since revealed 220 individual payment summaries went to the '
'incorrect person.',
'impact': {'data_compromised': ['Payment Summaries'],
'downtime': 'Yes',
'systems_affected': ['Payroll System']},
'investigation_status': 'Completed',
'post_incident_analysis': {'root_causes': 'Software Glitch'},
'response': {'containment_measures': 'Shut down access to the system'},
'title': 'MYOB Payroll Glitch',
'type': 'Data Breach',
'vulnerability_exploited': 'Software Glitch'}