ADP Comments on U.S. Attorney's Amended Complaint Related to Recently Announced International Cybercrime Conspiracy

Jun 13, 2013, 18:00 ET from Automatic Data Processing, Inc.

ROSELAND, N.J., June 13, 2013 /PRNewswire/ -- ADP® today issued a statement regarding the New Jersey U.S. Attorney's amended complaint that further clarifies specifics surrounding the involvement of ADP in an international cybercrime conspiracy case announced by the U.S. Attorney on June 12, 2013.

ADP appreciates the efforts of the United States Attorney's Office for the District of New Jersey to update the cybercrime conspiracy complaint that was unsealed yesterday, to further clarify the circumstances surrounding the impact to ADP clients of the criminal conspiracy.  ADP has worked to assist the U.S. Attorney's Office in the development of this case, in ADP's ongoing efforts to protect its clients from cyber criminals.

With respect to the specific criminal scheme perpetrated against ADP's clients, the amended complaint, submitted this afternoon in Newark, N.J., now states, in pertinent part:

"…hackers first obtained the account log-in credentials (e.g., usernames and passwords) of ADP customers from the customers themselves using a variety of unlawful means.  Next, the hackers used those fraudulently obtained account log-in credentials to access  the customers' accounts" and "Using this method, the hackers gained control of the accounts of over 130 ADP customers." 

This updated description sets the record straight and clears up any misinterpretations of the original complaint's content, which some published reports incorrectly inferred as stating that the alleged cybercriminals successfully hacked and gained unlawful access to ADP systems.  This was absolutely not the case.

For the record, at no time was the ADP network ever breached or compromised by the efforts of these cybercriminals.  Regrettably, these criminals instead succeeded in using sophisticated techniques to trick a few ADP clients into divulging their account information.  They then used these illegally obtained credentials to access individual client accounts. 

ADP will continue to support the U.S. Attorney's Office and other law enforcement officials in this case.  In fact, ADP was one of the leading companies to alert law enforcement officials about the series of suspicious activities that ultimately prompted the investigation and subsequent charges filed by the U.S. Attorney against this international ring of cyber thieves.

The security and privacy of client data are, and have always been, top priorities for ADP.  Trust and confidence about the security of account information is the bedrock of our relationships with our clients.  To maintain that trust and confidence and to help our clients avoid falling prey to sophisticated, deceitful cybercriminal schemes, ADP remains vigilant in educating clients and helping them to protect and maintain the security of their account credentials.  To assist in these efforts, the company maintains an ADP Trust Center located at where clients can receive alerts and other educational materials on cyber security best practices.

To access a copy of the amended complaint, please visit:,%20Oleksiy%20et%20al.%20Amended%20Complaint.pdf

Michael Schneider
(973) 567-1775

Christian Harper
Weber Shandwick for ADP  
(917) 331-7885


SOURCE Automatic Data Processing, Inc.