The March 2024 issue of IEEE Spectrum is here!

Close bar

IT Hiccups of the Week: University of Wisconsin Loses Another $1.1 Million Amid Payroll Glitches

Facebook bug shows its reach, and some Canadian student loan data breach victims hit by another miscue

5 min read
IT Hiccups of the Week: University of Wisconsin Loses Another $1.1 Million Amid Payroll Glitches

This week’s IT hiccups and snafus are a varied lot. We’ll start off with the University of Wisconsin’s ongoing payroll and benefits system saga.

$1.1 Million Lost Because of Glitches in UW Payroll System Glitches – More May Follow

The Wisconsin State Journal reported last week that “glitches” with the University of Wisconsin’s controversial payroll and benefits system had resulted in US $1.1 million in improper payments which the university may likely end up having to absorb. In addition, the Journal reported, University President Kevin Reilly warned that further examination of the payroll system “by system staff, an independent analyst and the state auditor are ‘likely to find more issues.’”

This news has not gone over well with Wisconsin state legislators, who were already upset when an audit by the Legislative Audit Bureau released late last month indicated that problems with the UW payroll system had resulted in $33 million in improper payments being made over the past two years. Another Journal article reported that while some $20 million of those $33 million in overpayments have been recovered, much of the remaining $13 million may well have to be written off.

When the $33 million in overpayments was first reported, UW's Reilly put out a statement that said in part, “I am deeply troubled by these mistakes…. We will identify exactly why and how these significant errors occurred, we will validate that steps we have already taken are working, we will take any additional steps that need to be taken, and we will make absolutely sure that similar errors do not happen again.”

Announcing more overpayment losses less than a month later and begrudgingly admitting that more are likely to come isn’t exactly a great way to create confidence that you have the situation under control—especially if the system in question already has a long and somewhat sordid history to begin with.

You see, the current $78 million payroll system, which went live in April 2011, was UW’s second attempt at trying to replace a 30-something-year-old legacy payroll system. UW originally tried to replace its legacy system in the early 2000s at a then estimated cost of $19.7 million and a go-live date of January 2005. However, that project ended up being canceled by Reilly in July 2006 after $28.5 million had been spent and its estimated final cost-to-complete had reached some $62 million.

The current payroll development efforts began in 2007, but it did not take too long for this effort to run into trouble as well. System planning costs, for example, quickly jumped from an estimated $1.6 million to $12 million. This did not amuse state legislators, who were seeing a host of troubled government IT projects state-wide.  By 2010, UW said that the project was back on track, within budget and on schedule. UW officials promised that the new payroll system, which UW said would be used for decades, would provide a “high level of reliability” and “accuracy.”

Right now, Wisconsin state legislators are acting more like they are from Missouri (the "Show Me" state), wanting UW to demonstrate that its promises of a reliable and accurate payroll system can be trusted. Given what has been happening, that may take a while.

Facebook Error Hides Prominent Web Sites from its Users

More than 50 million pages and 10 million apps are now part of the Facebook platform,” Inside Facebook reported earlier this month. The totals come from a Facebook Security and Exchange Commission 10-K (pdf) filing the story said. The extent of Facebook’s reach was on display last Thursday when, for about 30 minutes, Internet users found out that they could not log into many of their favorite websites using their Facebook login credentials because of an error with Facebook Connect.

Facebook “explained” the error in a note stating that, “For a short period of time, there was a bug that redirected people logging in with Facebook from third party sites to Facebook.com. The issue was quickly resolved, and Login with Facebook is now working as usual.”

While this glitch would usually be minor news, what made it interesting – or maybe scary – was the number of web sites affected by the glitch. InfoWorld listed just some of them, including: “ABC, BuzzFeed, Capital.fm, CNN, DailyMail, ESPN, Etsy, Fox News, Gawker, Geico, HBO, Hollywood.com, The Huffington Post, Hulu, InfoWorld, NFL, OKCupid, People, Pinterest, Reddit, Slate, Smallworlds, SwagBucks, The Sydney-Melbourne Herald, TED, The Los Angeles Times, The New Zealand Herald, The Washington Post, Vulture, Weather.com, WikiAnswers, WordPress, XOJane, Yahoo, and YugaTech.”

As the InfoWorld story noted, “Website owners should be concerned about this, knowing that their site traffic and associated revenue could be cut off at any moment due to a Facebook glitch that's entirely beyond the site owners' control to fix.”

Best Buy Makes Good on BioShock Order Glitch

Last week, the gaming website Sidequesting reported that Best Buy accidentally cancelled thousands of preorders of the special Limited Edition of BioShock Infinite for some unexplained reason. At first, Best Buy offered a $10 gift card to those affected. But it soon figured out that that particular olive branch would not likely placate a lot of very disappointed and angry gamers.

So instead of taking a beating in the blogosphere it could ill afford, Best Buy decided to honor the pre- orders with a free copy of the game. Good move on Best Buy’s part.

Canadian Government Pours Salt into Some Data Breach Victims’ Wounds

In January, Human Resources and Skills Development Canada (HRSDC) informed some 538 000 people who had taken out loans through the Canada Student Loans Program between 2000 and 2006 that a hard-drive containing their personal information, including names, Social Insurance Numbers, dates of birth, contact information and loan balances had gone missing.

According to a story in the Winnipeg Free Press, “The hard drive was discovered missing from an office in Gatineau, Que, on Nov. 5 by an employee who had stored it in a filing cabinet. Management was not informed until Nov. 22. A detailed analysis of the files on the hard drive was completed Dec. 6. The Office of the Privacy Commissioner was notified on Dec. 14. HRSDC Minister Diane Finley called in the RCMP on Jan. 7. The news was made public Jan. 11.”

The loss of the hard drive has sparked multiple lawsuits against the HRSDC.

Unfortunately, even the agency's attempt to send letters to victims informing them of the data breach, was fraught with error. HRSCD said that a “technical issue” occurred which sent some of its notifications of the breach to the incorrect person. CTV News says that the government blamed the letters' misdirection to a printing error.

The HRSDC has played down the likelihood of anyone’s identify being at risk from the lost hard drive, but it has offered free credit monitoring to those whose information is on it. It also says the misdirected letters only contained names and addresses, and no other personal information, so it wasn't a big deal.

HRSDC told the press it will be sending “pre-paid envelopes to those who received letters intended for others so they can be returned.”

Somehow I doubt that gesture will do much in the way of restoring HRSDC’s perceived reputation for managerial incompetence.

Photo: iStockphoto

The Conversation (0)