follow us:Google+FacebookLinkedInTwitterVimeoRSS Feeds


Hackers breach Paytime Inc. security


Back to Top Comments Email Print

A Cumberland County payroll company that Business Journal records say issued 85,000 W2s in 2012 is working to address the ramifications of a security breach.

Paytime Inc., which is based in Upper Allen Township, said in a written statement today that it discovered a compromise of user names and passwords related to its client service center on April 30 and began notifying clients May 12.

According to posts on the company’s social media sites, Paytime moved into 5053 Ritter Road, Suite 100, on April 28, consolidating what had been two separate locations. Paytime notified its clients that, because of the move, the clients would not be able to use part of its system from Thursday, April 24 at 5 p.m. through 8 a.m. Monday, April 28.

"We take any compromise very seriously, and we are truly sorry for any concern this issue may cause any of our clients or their employees," the statement said. 

According to the company, it began investigating immediately, retaining third-party IT forensic experts and working with law enforcement. So far, it has been determined that the intruders -- "skilled hackers working from foreign IP addresses" -- first gained access to Paytime’s systems April 7.

"These intruders identified and exploited a vulnerability in Paytime’s Client Service Center, which allowed them to access employee information. Paytime has since run multiple tests to confirm security, and have also implemented new monitoring and intrusion detection systems," Paytime said.

The company said it will be working with clients to notify their employees and to provide them with the resources they need to respond to this incident. The resources include providing employees access to one free year of credit monitoring, call center support and identity restoration services in the event any employee discovers fraudulent activity.

"This matter, including the provision of accurate answers to clients’ questions, remains our highest priority," Paytime said in the statement. "We thank our clients for their patience and understanding as we work with them to respond to the needs of their affected employees."

Paytime was founded in October 1992, according to its website, by President Nathan Patterson and a colleague.

Heather Stauffer

Heather Stauffer

Heather Stauffer covers Lancaster County, nonprofits, education and health care. Have a tip or question for her? Email her at Follow her on Twitter, @StaufferCPBJ.



Potential Client said:
What an unprofessional way to handle this breach. We have been seriously considering a payroll company to handle our HR & payroll needs, but after seeing the many articles and quotes, Paytime Inc. is now off the list. Here's a tip: Take responsibility, make it right, and communicate it to everyone. Sounds like some of the staff should be heading for other opportunities.

It's interesting that PayTime's website ( doesn't mention this breach event anywhere, yet their same-name competitor Paytime, Inc. in Ohio ( had to issue a Warning statement on their front page to separate themselves. And another statement on their LinkedIn page.

Also interesting that PayTime, Inc.'s Facebook and Twitter accounts have been taken down. And the LinkedIn account has no updates on this issue.

May 27, 2014 5:32 pm

Beagle babe said:
All those affected by this security breach should be provided ongoing Life Lock security by Paytime corp which costs a bt $300 year to monitor all of one accounts. The one year credit monitoring is not adequate . I agree with many comments by others .
Am interested in pursuing pressing Paytime Inc to respectfully assist all of us victims of their breach in security .

May 20, 2014 7:21 pm

An employee who doesn't "get it" said:
Wondering if this direct quote from their website is indicative of their approach / attitude to security:

"Security is not a problem because Payentry uses a 128 bit SSL encryption and no additional software is needed."

Because SSL has no history of vulnerability, amiright?

May 15, 2014 7:40 pm

Employee who doesn't "get it." said:
Wondering if this direct quote from their website is indicative of their approach / attitude to security:

"Security is not a problem because Payentry uses a 128 bit SSL encryption and no additional software is needed."

Because SSL has no history of vulnerability, amiright?

May 15, 2014 6:27 pm

UGGGGH said:
Just heard everyone at my company was affected by this too. Every bit of personal information, stolen...

May 15, 2014 2:11 pm

Midstate Molly said:
@Chris S. - no, PAYtime did NOT notify at least one company in the midstate with more than 300 employees of any possible breach of data or any potential effect. Said company received NO indication that anything was amiss, received NO ongoing updates of any sort, and did not hear of anything until after business hours on Monday. So far, PAYtime has referred to this disaster as merely an "inconvenience" to its clients and their hundreds of employees. They STILL have not notified the individuals directly affected (because they're verifying addresses. Because they didn't bother to start tackling that administrative task for the past two weeks). Their handling of the situation is not only despicable, it is unethical and with absolutely no consideration shown to the people whose lives will be affected by this for years to come.

May 15, 2014 9:00 am

What??? said:
Chad S, I don't believe you. You sound like their PR guy or at least just like story they gave to the Patriot trying to cover their butts.

May 15, 2014 8:29 am

Concerned said:
@Chris S. - Also, if the DID keep their companies in the loop, I can't believe it was made clear to them what exactly was going on. I realize it is not wise to panic and if they (Paytime)didn't know what they were dealing with, perhaps policies need to be reviewed in companies that deal with this type of information. Cyber crime is not going away any time soon, be it from domestic or foreign IP's. I do recant my previous rant(angry and affected I suppose), but publicly, Paytime is not handling this situation very well. All they should be saying is "We're sorry. We have identified, and fixed the problem. Here is what we are doing to help those affected" and leave out all of the "Hey, it could happen to anyone. It's just the age we live in, get use to it."

May 15, 2014 7:31 am

Concerned said:
@ Chris S. - NO. No they did not. I know a few people that work for companies affected by this and there was no notice given. Even if notice WAS given to top officials at these locations, it would have at least prompted a shuttering if their accounts and other measured to mitigate the affect of their companies. That did not happen. I'd be willing to bet that most of the employees at Paytime didn't even know it happened. The poor handling of the situation can be gleamed from the press releases regarding the situation as well. Much can be made from this statement: "Haverstick apologized for any concern this breach creates but said in this day and age, breaches like this can happen to anybody. " (from Patriot News) Because deflecting to Target will help. Paytime is a company who is responsible for a person's total life's information: SSN, home address and phone, bank accounts, etc. but are acting like they are running a Chuck E Cheese.

May 15, 2014 7:16 am

Chad S. said:
They did notify their clients 2 weeks ago. The emails alerted us of the breach, but nothing was made public until Monday. They were not sure what they were dealing with, and they kept us updated continually.

May 14, 2014 4:04 pm

Please note: All comments will be reviewed and may take up to 24 hours to appear on the site.

Post Comment
     View Comment Policy
Back to Top