MP Environmental Services, Inc. System Data Breach
NOTICE: If you are an employee of MP Environmental Services, Inc., and you have received a NOTICE OF DATA BREACH, contact the Arnold Law Firm at (916) 777-7777.
One of the largest independent transporters of hazardous waste in the Western United States, MP Environmental Services, Inc. (MPE), uses outside vendor PaperlessPay Corp. to process payroll for its employees.
On February 19, 2020, the Department of Homeland Security (DHS) alerted PaperlessPay Corp. that their clients’ employee data was for sale on the dark web. PaperlessPay Corp. confirmed that an unauthorized party gained access to their SQL service on February 18, 2020.
On March 20, 2020, PaperlessPay Corp. notified MPE about the cyberattack. MPE disclosed the data breach to their employees, stating that potentially compromised information is associated with payroll data. This may include:
- full names
- addresses
- pay and withholdings information
- bank account numbers
- Social Security numbers
MPE is offering credit monitoring and identity theft protection services and is urging employees to take precautionary measures, such as monitoring credit activity and setting up fraud alerts with credit reporting agencies.
Based in Bakersfield, California, MP Environmental Services, Inc. has offices located in Arizona, Northern California, Washington, Oklahoma, and Utah. With a fleet of more than 1,000 pieces of equipment, MPE’s estimated annual revenues exceed $31 million from waste transportation, demolition and remediation services.
PaperlessPay Corp., claims to have hosted 8 million paystubs and delivered over 106 million W-2 forms. The company provides electronic paystubs under the product names my-eStub.com and PPCStubs.com for the staff of hospitals, utility providers, and other employers. It is unknown how many of PaperlessPay Corp.’s 1500 clients or how many of the company’s 2.3 million enrolled users were affected by the security incident.
PaperlessPay Corp. was founded in 2007 and is based in Jacksonville, Florida. The company’s estimated annual revenues are $7 million. The company has not yet posted a public statement about the security incident or issued a formal notice to affected individuals.
If you are an employee of MPE, and you have received a NOTICE OF DATA BREACH regarding this incident, contact the Arnold Law Firm at (916) 777-7777 to discuss your situation and possible legal options.