Massachusetts shuts down payroll system after successful phishing campaign
Massachusetts suffered a cyberattack that forced it to shut down its statewide payroll system for parts of the day on Tuesday and Wednesday, according to a notice posted to the state comptroller’s website.
According to the notice, the state’s Employee Self-Service Time and Attendance, or SSTA, system was compromised following a “credential harvesting campaign” designed to steal personal and financial data from Massachusetts state employees.
“A fake website was created that resembled the SSTA portal. Some employees used this website, believing it to be the correct website, and entered their SSTA username and password, allowing for unauthorized access to their user account and direct deposit information,” the post read.
According to the notice, IT officials alerted affected employees and temporarily disabled the payroll system as a precaution to safeguard state employee information.
The comptroller’s office said the incident will not affect the state’s payroll disbursements and that employees’ normal bi-weekly payments will still go out this week. The office said some employees changed their direct deposit information as a precaution.
Such scams against state and local governments are common. In June, a business email compromise cyberattack against Arlington, Massachusetts, a town located about six miles northwest of Boston, enabled criminals to steal nearly half a million dollars.