Threat actors have exploited the American Payroll Association by installing a skimming malware on its login page and checkout section. They exploited vulnerabilities in the APA’s content management system, which was perfect for skimming attacks.
After learning about the malware on their website, the American Payroll Association (APA) issued a data breach notification.
Cyber attackers have been said to gain access to information such as Name, Address, Birthday, and Financial Information.
The APA’s IT team first found about such unusual activity back on May 13, 2020. Now, the IT team has installed additional antivirus software across the website’s server and increased patch implementation frequency.