The bigger story is that this is a non-story, as it was 12 people who participated, and they may have already had permission from people to do this. The bigger lesson, is that the method of asking for this access, by a third party, to your payroll provider, is a nasty gray area that should never have been done. This is an example of what not to do in the workplace. Don’t give out your passwords, your access, your information, anything, to anyone outside of your company. Period. End of Story. Do not pass Go. Do not collect the $500 bribe.
The offer was part of an internal test at Plaid. If people’s employers didn’t provide permission, Plaid may run afoul of U.S. hacking laws.