Broadcom Employee Data Stolen By Ransomware Crooks Following Hit on Payroll Provider (theregister.com)
(Friday May 16, 2025 @11:20AM (msmash)
from the PSA dept.)
- Reference: 0177558757
- News link: https://news.slashdot.org/story/25/05/16/1422227/broadcom-employee-data-stolen-by-ransomware-crooks-following-hit-on-payroll-provider
- Source link: https://www.theregister.com/2025/05/16/broadcom_employee_data_stolen_by/
Broadcom employees have [1]had their personal data compromised following a September 2024 ransomware attack on Business Systems House (BSH), a Middle Eastern subsidiary of payroll company ADP.
The breach, claimed by the Russian-speaking El Dorado ransomware group, wasn't fully identified until December when stolen data appeared online, according to The Register. Broadcom only received details of affected employees on May 12, 2025. Compromised information potentially includes national ID numbers, financial account numbers, health insurance details, dates of birth, salary information, and contact details.
Five employee accounts were initially compromised, ultimately affecting 560 users. ADP has distanced itself from the incident, stating only "a small subset of ADP clients" in "certain countries in the Middle East" were affected.
[1] https://www.theregister.com/2025/05/16/broadcom_employee_data_stolen_by/
The breach, claimed by the Russian-speaking El Dorado ransomware group, wasn't fully identified until December when stolen data appeared online, according to The Register. Broadcom only received details of affected employees on May 12, 2025. Compromised information potentially includes national ID numbers, financial account numbers, health insurance details, dates of birth, salary information, and contact details.
Five employee accounts were initially compromised, ultimately affecting 560 users. ADP has distanced itself from the incident, stating only "a small subset of ADP clients" in "certain countries in the Middle East" were affected.
[1] https://www.theregister.com/2025/05/16/broadcom_employee_data_stolen_by/
Disgruntled VMware customer? (Score:3)
by Z00L00K ( 682162 )
Is there a disgruntled VMware customer involved somewhere?
Re: (Score:2)
by Chris Mattern ( 191822 )
Isn't "disgrunted VMware customer" redundant?
why is my payroll being processed by an Middle Eas (Score:2)
by Joe_Dragon ( 2206452 )
why is my payroll being processed by an Middle Eastern location?
Re: (Score:2)
by nightflameauto ( 6607976 )
> why is my payroll being processed by an Middle Eastern location?
Most likely because it's cheaper than paying someone in-country to do it. We've outsourced so much of the business world that it's unfathomable to the folks in charge that paying people far away way less to do the job could result in anything but cost savings. Security? That's a loser's game. A cost center. A failure to think about before it affects the bottom line in a negative enough way to make headlines. Apologizing after is easier than thinking about it upfront.
Re: (Score:3)
Having recently worked for a company that has a service integration with ADP payroll, I'm really not surprised. They were one of the primary reasons we were still running an old SFTP box using key exchange protocols that have been deprecated, because they won't upgrade their side of the SFTP connections to use a modern client.
We bent over backwards to isolate that piece of shit, basically just for ADP. Most other SFTP traffic we moved off to AWS Transfer Service, using modern kex / ciphers.
Fuck ADP. They