Hackers took over the Web sites belonging to Fiserv Inc.'s CheckFree bill payment unit for a brief time last week.
All the CheckFree domain names, including checkfree.com, mycheckfree.com, and checkfreecorp.com, redirected visitors to a site that appeared as a blank page but attempted to distribute a malicious program hidden within a PDF file, Fiserv said.
"If the user didn't have updated antiviral software, there is a risk they could have received a download of malicious software," Melanie Tolley, Fiserv's vice president of corporate communications, wrote in an e-mail Friday.
The domains were compromised early on the morning of Dec. 2, and CheckFree had regained control of the affected domain names by 5 a.m. Eastern standard time that day, she wrote.
Fiserv said it is notifying anyone who may have been affected by the program and offering them antivirus software and credit monitoring.
The Washington Post, citing the Herndon, Va., domain registrar Network Solutions LLC, reported that someone used Fiserv's credentials with the registrar to redirect the sites.
Ms. Tolley would not confirm this. "The root cause is still under investigation, so anything that is disclosed at this point is speculation and is considered erroneous until the investigation is completed," she wrote.
