Walmart employee breached payroll service to ransack colleagues


Walmart, the US retail behemoth, had one of its employees penetrate the company‘s management system to commit payroll fraud.

The retailer reached out to its employees, whom Walmart calls “associates,” over a data breach discovered in early March this year.

According to the company, one of its employees, who has since been let go, accessed colleagues’ employment management accounts from September 2023 until March 2024.

“With access to the accounts, the former associate may have viewed certain payroll records and changed some associates’ payroll information to divert their paychecks to a fraudulent account,” reads the breach notification.

Walmart claims that unauthorized access may have exposed sensitive employee data such as:

  • Names
  • Phone numbers
  • Email addresses
  • Mailing addresses
  • Social Security numbers
  • Dates of birth
  • Bank account numbers and routing numbers

“As soon as we learned of the issue, we launched an investigation and took steps to secure affected associate accounts and prevent further unauthorized access. We terminated the associate for their actions and reported them to law enforcement,” Walmart said.

The company added that it's working to “resolve paycheck discrepancies.” Walmart will also offer affected individuals two years of complementary identity monitoring services.

Earlier this year, Spark, Walmart’s crowdsourcing delivery service, suffered a cyberattack, with malicious actors accessing the sensitive data of some of its drivers.

The breach, which the company says was most likely a credential stuffing or phishing attack, exposed the details of over 200 Spark Driver accounts.

Walmart is among the world’s largest retailers, with revenues exceeding $611 billion in 2023. The company employs over 2.3 million people globally.


More from Cybernews:

Total solar eclipse is stunning spectacle across North America

Musk: AI will be smarter than smartest human by end of next year

Ukraine’s Blackjack credited for taking down data center used by Russian military

Microsoft to open new AI hub in London

Important online privacy protection act presented in Congress

Subscribe to our newsletter



Leave a Reply

Your email address will not be published. Required fields are markedmarked