ADP says investigating data breach

ADP is investigating a data breach affecting one of its corporate clients and said it is "taking measures to address the impact" of the breach. It did not provide specifics.

The breach occurred at a benefits administration unit ADP recently bought, and was limited to a single client. The company said the breach occurred on a "non-payroll" product that it is no longer selling.

ADP did not identify the company that was affected, and a spokesman declined to provide more details.

The Roseland, New Jersey-based processor has about 550,000 clients and is best known for managing their payrolls. But it also provides other services, including administering benefits programs and providing computer services to car dealers.

ADP said it has been working with law enforcement and other officials to identify the cause of the breach and to catch the hackers.

It is the latest in a string of large financial companies that have been targeted by cyber criminals. Last week Citigroup Inc, the third-largest U.S. bank, and the International Monetary Fund both disclosed data breaches.

Josh Shaul, chief technology officer of New York vendor Application Security, estimated that about half of employees of the largest U.S. corporations get their paychecks through ADP, making him concerned the disruption could spread beyond the single client the processor has mentioned so far.

"Clearly what the financial services companies are doing on security is not enough, because they are being penetrated on such a regular basis," he said.

ADP shares closed down almost 2 percent, at $51.66.

(Reporting by Maria Aspan; additional reporting by Ross Kerber in Boston; editing by Bernard Orr)