14 DAY TRIAL // Automatic Data Processing, Inc. is an international computer service company. They specialize in payroll processing, but offer various other services as well, such as human resources, screening and selection services and others. They sit on huge databases and recently, there has been news of one of them getting hacked. Databases getting hacked means that the people whose information had been stolen will either be targeted by spam, or scam, or frauds, or all of them.
The hackers stole some data such as names, addresses, e-mail addresses but didn't get to the more sensitive data, not because they wouldn't have cared about it, but because the system they hacked did not contain that. The machine that they attacked did not hold any social security numbers, bank accounts, passwords, HR data or similar confidential data, as I've read on BankNet360.
So, what can the hackers do with the data that they have stolen? Well, here's the worst case scenario - they send spam messages to all the e-mail addresses, and they make those messages look genuine. Then, in that e-mail they put a link to some hoax site, when the user will click the link, either his machine will get infected with a Trojan keylogger (but that would be more complicated) or he's redirected to a clone-site. He will be asked for more personal data on a webpage that looks like any official page of, say, ADP. If he enters his data, the hackers will use that to defraud the gullible user. This is called a multi-layer scheme.
In any case, ADP has already warned everyone that could have been affected by this, advising them not to open any fishy (or should I say "phishy"?) looking e-mail. Social engineering mixed with a little bit of malware and the right programs can get a hacker far, but they base their tactics on the naivety of some people. This is why you should be careful what you click on, if you want to stay out of trouble.