North Carolina Security Breach Reporting Form, Pursuant to the Identity Theft Protection Act of 2005 “Indkcated a mandatory field “Name of the Company ot Government Agency owning or licensing information affected by the entity experiencing breach: PAYTIME HARRISBURG INC. D/B/A PAYTIME INC. Entity Type: FINANCIAL SERVICES! INSURANCE, Address’ 5053 RITTER ROAD Apt/SuiteBuilding SUITE 100 City MECHANICSBURG State PA Zip Code 17055 Telephone: (215) 977-4059 Fax (215) 477-4101 Email CHRIS DIIENNO@LEWISBRISBOIS COM “Date Security breach Reporting Form Submitted: 05/21/2014 “Date the Security Breach was discovered 04/30/2014 Breach Type HACKERS/ UNAUTHORIZED ACCESS “Estimated number of affected individuals: 216274 “Estimated number of NC residents affected 465 Name of company or government agency maintaining or possessing information that was the subject of the Security Breach, ifthe agency that experienced the Security Breach is not the same entity as the agency reporting the Secunity Breach (pursuant to N.C.G.S. 75-65(b)) Describe the circumstances surrounding the Security Breach: ON APRIL 30, 2014, PAYTIME LEARNED THAT UNAUTHORIZED INDIVIDUALS ACCESSED USERNAMES AND PASSWORDS ASSOCIATED WITH ITS SYSTEM, SPECIFICALLY, ITS CLIENT SERVICE CENTER, PAYTIME IMMEDIATELY LAUNCHED AN INVESTIGATION INTO THIS MATTER, AND RETAINED OUTSIDE FORENSIC EXPERTS TO DETERMINE WHETHER EMPLOYEE INFORMATION MAY HAVE BEEN ACCESSED BY THE INTRUDERS. PAYTIME SHUT DOWN THE ITS CLIENT SERVICE CENTER TO PREVENT FURTHER ACCESS TO CLIENT INFORMATION AND EMPLOYEE PERSONAL INFORMATION. PRELIMINARY RESULTS FROM PAYTIME’S INVESTIGATION HAVE REVEALED THAT THE INTRUDERS, SKILLED HACKERS WORKING FROM FOREIGN IP ADDRESSES, IDENTIFIED AND EXPLOITED A VULNERABILITY IN THE CLIENT SERVICE CENTER, WHICH ALLOWED THEM TO ACCESS EMPLOYEE INFORMATION. ALTHOUGH PAYTIME'S INVESTIGATION IS ONGOING, OUR FORENSIC EXPERTS HAVE DETERMINED THAT EMPLOYEES" NAMES, SOCIAL SECURITY NUMBERS, DIRECT DEPOSIT BANK ACCOUNT INFORMATION (IF PROVIDED), DATES OF BIRTH, HIRE DATES, WAGE, INFORMATION, HOME AND CELL PHONE NUMBERS, OTHER PAYROLL RELATED INFORMATION AND HOME ADDRESSES WERE ACCESSED BY THE INTRUDERS. OUR EXPERTS HAVE ALSO DETERMINED THAT THE NAMES, SOCIAL SECURITY NUMBERS AND DATES OF BIRTH FOR SOMEOF THE AFFECTED EMPLOYEES DEPENDENTS AND BENEFICIARIES WAS ACCESSED. Information Type = ACCOUNT# SSN “Regarding YES information breached, if electronic, was the information protected in some manner: IfYES, please. THE INFORMATION WAS PROTECTED THROUGH THE USE OF SEVERAL, describe the FIREWALLS. security measures, protecting the information: “Descibeany PAY TIME HAS TAKENMEASURES TO ENSURE THAT THIS TYPE OF measures takento EXPOSURE DOESNOT OCCUR AGAIN. THESE MEASURES INCLUDE AN preventa similar ANALYSIS OF THEIR SYSTEMS AND PROCESSES AND IMPLEMENTING Security Breach ADDITIONAL MEASURES TO SECURE PERSONAL INFORMATION from occurringin PAYTIME HAS ALSO TAKEN STEPS TO IMPROVE THE EXISTING the future: SECURITY OF THEIR SYSTEMS, INCLUDING INCREASED MONITORING CAPABILITIES AND USE OF ADDITIONAL SOFTWARE TOOLS “Date affectedNC 05/21/2014 residents were/vall be notified: Describe the circumstances surrounding the delay in notifying affected NC residents pursuant to N.C G.S. 75-65 (a) and («) If the delay was pursuant to a request from law enforcement pursuant to N.C.G.S. 75-65(¢), please attach or mail the written request or the contemporaneous memorandum. HowNC residents WRITTEN NOTICE vwerefwill be notified? (pursuant toNC.GS. 75-65 © Please note if the business demonstrates that the cost of providing notice would exceed two hundred fifty thousand dollars ($250,000) or that the affected class of subject persons to be notified exceeds 500,000, or if the business does not havesufficient contact information or consent to satisfy subdivisions (1), (2), or (3) of this subsection, for only those affected persons without sufficient contact information or consent, or if the business is unable to identify particular affected persons, for only those unidentifiable affected persons. Substitute notice shall consist of all the following » Email notice when the business hasan electronic mail address for the subject persons * Conspicuous posting of the notice on the Web site page of the business, if one is maintained » Notification to major statewide media Please attach a copy of the notice if in written form or a copy of any scripted notice if in telephonic form. Contact Information Affiliation with entity experiencing breach Organization Name Prefix “First Name Middle Name “Last Name Suffix Title Address: Apt/Suite/building City State “Telephone Email ATTORNEY LEWIS BRISBOIS BISGAARD & SMITH MR CHRISTOPHER J DIIENNO OUTSIDE COUNSEL 1055 WESTLAKES DRIVE SUITE 300 B PA Zip Code: 19312 (215) 97-4059 Fax (215) 477-4101 CHRIS DIIENNO@LEWISBRISBOIS. COM