Experts On American Payroll Assn attack; Fed. Acquisition Supply Chain Security Act

513 0
Dot Your Expert Comments
Facebook Twitter WhatsApp Google LinkedIn Email

The nonprofit American Payroll Association (APA) notified members and customers of a data breach resulting from a web skimmer on its website login and online store checkout pages. The Association and its 121 local chapters organize training seminars and events that are attended by more than 36,000 yearly.

EXPERTS COMMENTS
Saryu Nayyar, CEO,  Gurucul
September 02, 2020
Government acquisition and supply contracts are a complex issue.
Government acquisition and supply contracts are a complex issue. Every organization needs to balance capability, cost, and security, when they're buying new hardware or software, but buyers in the Federal space have National Security concerns that civilian agencies don't have to consider. Hopefully, this new guidance from OMB (Office of Management and Budget) will provide a transparent and consi ....
[Read More >>]
Saryu Nayyar, CEO,  Gurucul
September 02, 2020
If it was a CMS flaw, it shows that security holes aren't being patched in a timely fashion.
The American Payroll Association breach shows a number of places where the industry as a whole still needs to do a better job. Attackers were apparently able to leverage a flaw in APA's content management system (CMS) or a compromised admin account to place their skimmer. If it was a CMS flaw, it shows that security holes aren't being patched in a timely fashion. Whether it was because the flaw ....
[Read More >>]

If you are an expert on this topic:

Submit Your Expert Comments
In this article