Broadcom Employee Data Stolen By Ransomware Crooks Following Hit on Payroll Provider (theregister.com) 14
Broadcom employees have had their personal data compromised following a September 2024 ransomware attack on Business Systems House (BSH), a Middle Eastern subsidiary of payroll company ADP.
The breach, claimed by the Russian-speaking El Dorado ransomware group, wasn't fully identified until December when stolen data appeared online, according to The Register. Broadcom only received details of affected employees on May 12, 2025. Compromised information potentially includes national ID numbers, financial account numbers, health insurance details, dates of birth, salary information, and contact details.
Five employee accounts were initially compromised, ultimately affecting 560 users. ADP has distanced itself from the incident, stating only "a small subset of ADP clients" in "certain countries in the Middle East" were affected.
The breach, claimed by the Russian-speaking El Dorado ransomware group, wasn't fully identified until December when stolen data appeared online, according to The Register. Broadcom only received details of affected employees on May 12, 2025. Compromised information potentially includes national ID numbers, financial account numbers, health insurance details, dates of birth, salary information, and contact details.
Five employee accounts were initially compromised, ultimately affecting 560 users. ADP has distanced itself from the incident, stating only "a small subset of ADP clients" in "certain countries in the Middle East" were affected.
ADP is getting their clock cleaned (Score:1)
They used to be the default for payroll but their overseas support is so bad that people are fleeing for just about anyone else. They tried expanding their system into a whole HR people management system but workday (that accursed company) has pretty much swallowed up that market so that's not an option for ADP anymore. This kind of bullshit attitude in the article is exactly why ADP is doomed.
If people are looking for a good billion-dollar business opportunity, a worldwide payroll provider that actually wo
Re: (Score:3)
Having recently worked for a company that has a service integration with ADP payroll, I'm really not surprised. They were one of the primary reasons we were still running an old SFTP box using key exchange protocols that have been deprecated, because they won't upgrade their side of the SFTP connections to use a modern client.
We bent over backwards to isolate that piece of shit, basically just for ADP. Most other SFTP traffic we moved off to AWS Transfer Service, using modern kex / ciphers.
Fuck ADP. They
Re: (Score:2)
ADP Canada got acquired and in the end I believe became a part of workday. I remember seeing the name at the bottom of my paystubs go from ADP to whatever they became then Workday.
Funny though, the layout of the paystubs never changed.
I didn't know ADP was still in Canada until my present employer actually uses them and everything's different from workday.
Disgruntled VMware customer? (Score:1)
Is there a disgruntled VMware customer involved somewhere?
Re:Disgruntled VMware customer? (Score:4, Funny)
Isn't "disgrunted VMware customer" redundant?
Re: (Score:2)
Did they figure out the specific people who's idea it was to quadruple VMWare VSphere licensing costs? I sure that there are plenty of people who want to leave a flaming bag of poo on their doorsteps.
Re: (Score:2)
Replace poo with a box of angry skunks and I think you are on the right track.
why is my payroll being processed by an Middle Eas (Score:3)
why is my payroll being processed by an Middle Eastern location?
Re: (Score:2)
why is my payroll being processed by an Middle Eastern location?
Most likely because it's cheaper than paying someone in-country to do it. We've outsourced so much of the business world that it's unfathomable to the folks in charge that paying people far away way less to do the job could result in anything but cost savings. Security? That's a loser's game. A cost center. A failure to think about before it affects the bottom line in a negative enough way to make headlines. Apologizing after is easier than thinking about it upfront.
Re: (Score:2)
It's actually quite fathomable. I'm sure some general ledger tracks it down to the penny.
No (Score:2, Interesting)
YOUR payroll was not being done in the middle east. Payroll is processed locally. Broadcom evidently had 560 employees working in the middle east, which is not a huge number given they have about 37,000 employees worldwide. There are so many specific local legal compliance requirements for payroll that you must have someone in-country or in a very similar country to do payroll in a compliant way. That includes the outsourced payroll providers, when you outsource payroll, it's not enough to know that the US
Good news! (Score:2)
They can keep their data private by licensing it for $350,000 per year or $250,000 per year if they sign up for a 3 year term.
ADP is hacked way too much (Score:2)
Just search for "ADP hacked" to see how bad they are.