Ransomware Attack on ADP Partner Exposes Broadcom Employee Data

pThe recent disclosure of a ransomwaredriven data breach at Broadcom has sent fresh ripples through the tech and cybersecurity community highlighting the persistent risks inherent in supply chain and thirdparty data management As reported by The Register a Middle Eastern partner of payroll services giant ADP Business Systems House BSH fell victim to a ransomware attack in September 2024a breach that ultimately resulted in the compromise of sensitive Broadcom employee datappThe incidents timeline underscores the challenges organizations face in monitoring and securing extended vendor ecosystems Broadcom a multinational semiconductor and infrastructure software company had utilized ADP for payroll processing with BSH functioning as ADPs regional provider in the Middle East At the time of the breach Broadcom was already in the process of transitioning away from both ADP and BSH but crucially the switch had not been finalized when attackers struckppAccording to internal communications cited by The Register BSHADP discovered the breach in late September 2024 However it was not until December 2024 that they realized employee data had been made accessible on the internet Because the stolen information was in an unstructured format as noted in the companys notification to affected staff BSH and ADP faced significant delays in identifying the full scope of impacted data and individuals Broadcom itself was not alerted to the details until May 12 2025almost eight months after the initial intrusionppThe data taken by the criminal actor was in an unstructured format so definitively determining which employees were impacted and for each employee which data fields were disclosed was a lengthy process for BSHADP read an internal email shared by The Register This delay left employees in a prolonged state of uncertainty about whether their personal informationpotentially including names payroll details identification numbers and contact informationhad been exposedppFurther reporting by TechNadu points to the El Dorado ransomware group as the orchestrators of the attack on BSH The group which has been active in targeting thirdparty service providers managed to exfiltrate employee data as part of its campaign The incident demonstrates how cybercriminals increasingly target the weakest link in a large organizations digital supply chain rather than the primary target itselfppBroadcoms experience aligns with broader industry concerns over vendor risk management The process of transitioning payroll providers already complex given compliance and regional legal considerations was further complicated by the lack of timely breach disclosure from BSH and ADP Both firms have reportedly engaged with law enforcement and data protection authorities and taken steps to harden BSHs environment to protect from similar attacks going forward according to statements published in The RegisterppFor other enterprises the incident serves as a potent reminder of the limitations of perimeterbased security and the need for a trust but verify approacheven when delegating critical HR and payroll processing to established third parties Broadcoms own documentationunrelated to the breach but broadly relevanthas emphasized the importance of assuming compromise regularly auditing vendor controls and implementing rigorous incident response protocolsppWhile Broadcom no longer contracts with ADP or BSH for its payroll operations the fallout from the breach will likely reverberate for months as investigations continue and affected individuals take precautions against potential identity theft or social engineering attempts The episode highlights the growing imperative for realtime information sharing among vendors clients and authorities when sensitive data is involvedppAs the industry digests the ramifications of the Broadcom breach the message is clear the trust placed in business partners is only as strong as the weakest point in their digital defenses and delays in breach reporting can have lasting consequences for data security and corporate reputationpp Subscribe for UpdatesppThe CybersecurityUpdate Email Newsletter is your essential source for the latest in cybersecurity news threat intelligence and risk management strategies Perfect for IT security professionals and business leaders focused on protecting their organizationsppGet the free daily newsletter read by decision makersppGet our media kitppDeliver your marketing message directly to decision makersp