Service provider PayMaxx shuttered additional parts of its online payroll site this week, after a Web programmer continued to find holes in the system.
PayMaxx's further closure of its Web services comes after a Web programmer, Aaron Greenspan, discovered that the company's initial attempt to block malicious access had fixed some flaws but left others unresolved.
While still referring to the data leak as "limited in scope," the online payroll processor closed down its PayView and Instant W2 services, the company said in a statement. The services will remain down until PayMaxx has completed a thorough security analysis and redesigned the site's architecture.
"We have sent all clients and key partners e-mails alerting them to the situation, and we are contacting the companies we believe may have been potentially affected by the hacking," PayMaxx said in a statement sent to CNET News.com.
The dispute between PayMaxx and Greenspan, president of Web services start-up Think Computer and a former PayMaxx customer, over the security of the company's Web site continued this week. PayMaxx referred to Greenspan as a "hacker," while the Web programmer maintained that the security problem is far worse than divulged by the payroll company.
The data leak comes at a time when several high-profile attacks have Congress looking into further legislation to protect people's private information. In February, data aggregator ChoicePoint warned that almost 150,000 consumer files had been compromised by scam artists who had set up fake companies to garner identity information. Last week, financial services giant Bank of America alerted government workers that backup tapes containing their information had gone missing.
Greenspan said he uncovered the problem with PayMaxx's Web site about three weeks ago and tried to contact the company. He said PayMaxx did not respond, so he posted a report detailing the flaws. That prompted PayMaxx to shut down its Web service for retrieving W2 information. Greenspan continued to prod the site's security and discovered more vulnerabilities this weekend, he said.
Greenspan said his attempts to find flaws in the site have been motivated by protecting his own information, from when Think Computer was a client of PayMaxx. "Think had an obvious interest in seeing that the problem would be resolved properly since its own data was stored in the affected systems," he said in an e-mail interview.
PayMaxx does not agree. The Web programmer has been far too intent on poking holes in the company's systems and has "numerous inaccuracies" in his report, PayMaxx said in a statement. The company did not specify which parts of his report were incorrect.
"We believe the hacker has violated federal law and we will take whatever action is necessary to protect the interests of our clients and our company," the company said.
PayMaxx has contracted an outside security company to test its Web applications' security and has ordered additional hardware and software to better detect intrusions, PayMaxx said in a statement.
WITHDRAW YOUR FUNDS NOW! Bank of America declares bankruptcy. Bank of America president, Terry E. Perucca, announced in an emergency press conference today that Bank of America NA may be forced to file Chapter 7 bankruptcy. This was later confirmed by Richard M. DeMartini at 2:00pm Eastern. In a statement from Louis W. Smith, retired president, "I'm not surprised. The unethical treatment of consumers was the main reason I left. It's about time the supreme court stepped in."
Google creates an animated doodle that features a boy, a girl, Google's search engine, and a jump rope. But might there be darker, more analytical, more troubling interpretations to this tale?
When the sun goes down, that's when the iPad gets busy for folks with news readers. The iPhone? It's more of a daytime habit. If you're building an app for both devices, heed the lesson.
Chamtech's spray-on antenna uses a nano material to provide a low-power boost to antenna range. The wireless-in-a-can product may some day bring an end to unsightly cell towers.
EnerG2 opens a plant to make an engineered carbon that will improve performance of energy storage devices and make storage for start-stop hybrid cars less expensive.
Valentine’s Day Specials
Bank of America president, Terry E. Perucca, announced in an emergency press conference today that Bank of America NA may be forced to file Chapter 7 bankruptcy. This was later confirmed by Richard M. DeMartini at 2:00pm Eastern.
In a statement from Louis W. Smith, retired president, "I'm not surprised. The unethical treatment of consumers was the main reason I left. It's about time the supreme court stepped in."