Earlier this month we were alerted to and identified a potential security issue with how we store files that clients upload to the system, as well as files that we generate for clients to download. Once this issue was identified we immediately started applying measures across the system to address it.
What was the issue?
In extremely unlikely cases it would be possible to guess filenames of files and be able to access them. The odds of this were extremely low, but we didn’t let that stop us from rushing out a fix to remedy this.
How was this fixed?
The fix was two fold:
- All files uploaded by customers now have a randomized filename, this makes it basically impossible to guess.
- All files in the system require authorization to view, and the links expire in less than 5 minutes.
This solution deals with the problem on two levels:
- It is extremely difficult to guess the filenames.
- Even if you were to somehow able to guess the correct filename, you still will not be able to access it without the link having a special signature attached.
How are we preventing this from happening again?
We have revised our policies in regards to how we store client uploaded files and files we generate for clients to enforce the randomization and protections by default.
All these changes have already been applied across all aspects of our system and no potentially vulnerable files remain.
If you have any issues or questions about this security update, the PayrollHero Support Team will be happy to assist.