
Massachusetts officials are working to manage the fallout from a credential harvesting campaign that tricked some state employees into providing their payroll information to a fraudulent website, according to recent statements from the state Office of the Comptroller. The Boston Globe reported that the fake site mimicked the state’s Time and Attendance portal, capturing login details without compromising the legitimate system, as explained by spokesperson Michael V. Sangalang.
Affected employees were alerted immediately and there are no signs of "misdirected" payments, but an estimate of the full extent to which employees' data were compromised remains elusive while officials conduct an in-depth analysis. That analysis necessitated a temporary shutdown of the official portal, which has since been restored, albeit with limited capabilities. The state has been taking further steps to ensure that no additional employees will be susceptible to the phishing attack, Sangalang noted in communications obtained by the Boston Globe.
This incident has sparked concern over data security within the state government, leading to a state-wide notice and a request for affected workers to come forward. Any employee who notices an unauthorized direct deposit change should reach out to their payroll department or the MassHR Employee Service Center, as highlighted in the memo from Comptroller William McNamara and the state’s technology services and security secretary, Jason Snyder, according to information from The Boston Globe.
Adding to the complexities, officials are still trying to determine the number of affected workers and how cyber attackers directed employees to the counterfeit website. Those who entered their login credentials unintentionally provided access to their accounts and financial information, as stated by Michael Sangalang to Boston.com. Officials are also working to identify which changes to direct deposit account information were legitimate and which were not.
Payroll processes for state employees are expected to proceed without interruption, although some employees may receive paper checks if there were recent changes to direct deposit information. In response, McNamara's office has posted job listings on social media to enhance security measures and strengthen the integrity of Massachusetts' data systems.









