PayChoice Inc, a large online provider of payroll processing services, shut down for the second time this month because of a security breach in its system.

The company didn't identify the problem but said it had activated additional security measures to protect client data after it identified a "key mechanism" used by hackers. The New Jersey company provides payroll processing services and has more than 125,000 business customers, according to Computerworld.com.

PayChoice sent a letter to its customers outlining the problem. It said the breach appeared to be linked to the password reset function on the portal. The letter, quoted by the Washington Post, said those responsible for the breach appear to have stolen login IDs and passwords belonging to customers by exploiting weaknesses in the function.

The hackers didn't stop there. The valid login credentials of an employee at one of PayChoice's customers was used to add fictitious employees to that customer's payroll in an attempt to have payments made to fraudulent bank accounts, PayChoice said.

In the first incident earlier this month, PayChoice was breached when hackers stole the login credentials of an unknown number of customers and attempted to use the data to steal additional information from the customers.

For more on PayChoice's problems:
- see this Computerworld.com article

Related Articles:
Big online payroll service hacked
What to do after a data breach