Patch Job

They didn't fix it because it was wrong.

They fixed it because I caught them.

When I first blogged earlier today that my Paylocity account allowed full access to the "Pay" section-- without requiring a second login--I knew it wasn't normal. That section normally prompts a second layer of authentication for payroll security. But after my access was altered, I noticed I could view everything without reauthenticating.

 I documented the timing. I blogged about it. And I waited.

Then today--without notice, warning, or explanation--that access changed. Now, suddenly, my "Pay" tab once again requires a login. Not Paylocity's doing. This wasn't some system-wide update. It was Venture Forthe--quietly reconfiguring my account behind the scenes after I exposed the breach. 

And they never told me. They didn't acknowledge the lapse. They didn't apologize for allowing sensitive data to remain unsecured. They just flipped a switch and pretended it never happened.

But I saw it. And so did the public.

This isn't how companies handle a security fix. It's how they cover their tracks.

Instead of acknowledging the exposure or thanking me for pointing it out, they took silent action--clearly monitoring my blog in real-time--trying to correct the evidence after the fact. That's not transparency. That's a cover-up. A digital clean-up job. And it's exactly the kind of reactive behavior whistleblower protections were built for.

They weren't maintaining system integrity. They were maintaining plausible deniability. Unfortunately for them, that window already closed. I've documented every step, every access attempt, every screen, every timestamp. 

This last-minute patch job only confirms what's already been clear:

They're watching.

They're reacting.

And every move they make only confirms the truth I've already shown.

-- K 

Comments

Post a Comment

Popular posts from this blog

This Is How They Responded

Not long after I raised this serious concern, I was called into a Google meeting with my direct supervisor and a high-ranking administrator.  But the issue I had flagged? They didn't even mention it.  I had to bring it up myself- calmly, professionally. They showed no intention of addressing it. Instead, the conversation quickly turned towards me. I was told that I appeared "unempathetic" and "unapproachable"- not to them, but to my students. No names. No specific examples. Just a vague criticism, dropped like a warning. I responded clearly, "My students reviews speak for themselves "  And in that moment, they backed off. The tone shifted. The accusation didn't hold- because it couldn't.  When I attempted to explain what had been happening with the two students in question- facts I had written down- they interrupted me. I wasn't angry or emotional. I was prepared. They didn't want to hear it. My supervisor then added something else: tha...
Read more

The Truth Will Not Be Silenced

Image
The article went live. It named the company. It told the truth. And just like that — it was gone. WNY News Now published a professional, factual piece about what happened to me at Venture Forthe. It exposed how I was given a sex toy to use in a medical training class, how I objected, and how I was retaliated against until I had no choice but to leave. The article explained my story clearly — and it showed the public what I’ve been saying all along. It was up long enough to be seen, shared, reacted to, and commented on. And then, without warning, it disappeared. No explanation. No correction. Just wiped from the site. But here’s the thing: removing the article won’t erase what happened to me. They might be able to silence one post, but they can’t silence me . I’ve documented everything. I have screenshots. Timelines. Emails. I’ve filed complaints. I’ve kept records. I’ve told the truth from day one. And I’m not backing down. I’m not waiting for anyone else to speak for me. I’ll ke...
Read more

Retaliation Continues as I Attempt to Record the Past

This morning  I sat down to continue my timeline. Specifically, a black-out incident that occurred earlier in April.  Instead,  I encountered something new... I logged into my Paylocity account to check my recent pay stub and was met with a red message: "Account is Inactive." No notice. No explanation. No alternative access provided. I haven't received a termination letter, and I constructively discharged myself on 5/22/25, after months of retaliation. Regardless of how employment ends, employers are legally required to provide access to wage records and tax documentation.  I immediately sent a formal request to HR with a screenshot of the lockout. I was just trying to continue telling my story. But this story keeps writing itself. --K 
Read more