DataBreaches.Net

Yet more phishing-based compromises involving W-2 tax statement data (Update-24)

Posted on March 15, 2016 by Dissent

(Note: the following is not a complete list… it’s just a list I started after the first few posts on this topic suggested that there would be a lot more. See the “phishing” category of this site for earlier entries this year.)

Reports continue to come in to state attorneys general involving the successful spear phishing of employees’ W-2 information. Here are just three more reports I saw today, with links to their reports.

  • Care.com (and its subsidiaries).
  • Matrix NAC and Matrix Service Company
  • Applied Systems

Update of Mar. 16: Add to the above the following firms whose employee W-2 data was also successfully phished recently:

  • SevOne
  • SalientCRGT.
  • Mitchell International.
  • WorkCare.
  • Foss.
  • PerkinElmer (also reported to NH)
  • Advance Auto Parts
  • Sequoia Union High School District

And of course, in other coverage today, I had noted LAZ Parking. And Brian Krebs reported on MoneyTree.

And these are just some of all the successful phishing attacks in the past month noted on this site. Search the “phishing” category for more.

Maybe you should just bookmark this page for a while….

Update 2: Add eClinical Works.

Update 3 (Mar. 19): Add Springfield City Utilities, Missouri.

Update 4 (Mar. 21): Add ConvaTec

Update 5 (Mar. 22): Add Sprouts (21,000 at risk) and Lanyon Solutions.

Update 6 (Mar. 23) Add CareCentrix and Dynamic Aviation and Netcracker Technology… and Information Resources

Update 7 (Mar. 24) Brian Krebs identifies some additional firms in this post. Also, a reader emailed me that he received a letter yesterday dated March 19 from his former employer. Certain US employees’ 2015 W2 forms were exposed on March 1, 2016, and the breach was discovered on March 9. The breached entity, he says, was Kantar Group (the parent company to TNS, The Futures Co., Millward Brown, and AddedValue). Later today, we learned that Lamps Plus/Pacific Coast Lighting also had employee W-2 data compromised by phishing.

Update 8 (Mar. 25). Add ASPIRAnet and Tidewater Community College. And Pivotal

Update 9 (Mar. 29) Add Ryman Hospitality Properties and Kentucky State University and various Maine school districts. Then there was ARC International.

Update 10 (Mar. 30) Add Champlain Oil.

Update 11 (Apr. 3) Add Weight Watchers, Intl.

Update 12 (Apr. 4) Add City of Plainfield, NJ (reported on CBS News this morning). Also, Bowdoin College was impacted by the Maine school district incident, mentioned previously, at Brunswick School District.

Update 13 (Apr. 5) Add IASIS and Universal Service Administrative Company.

Update 14 (Apr. 7) Add Proskauer Rose and Clay County Medical Center (?) and Ash Brokerage Corp. And Hutchinson Community College.

Update 15 (Apr. 11) Add Bristol Farms and Wynden Stark, dba GQR Global Markets/City Internships.

Update 16 (Apr. 12) Add Asure Software and Dixie Group and MNP and Management Health Systems d/b/a MedPro Healthcare Staffing and Silicon Laboratories.

Update 17 (Apr. 13) Add Meeting Street School and Rockhurst University. And Olympia School District. And Academy of Art Institute.

Update 18 (Apr. 14) Add Girl Scouts of Gulf Coast Florida.

Update 19 (Apr. 15) Add Town of Essex, VT and Washington Elementary School District (AZ).

Update 20 (Apr. 17) Add BackOffice Associates and Morongo Casino (who also disclosed a leak of personal data of some rewards club guests to 19 other guests).

Update 21 (Apr. 18) Add EMSI.

Update 22 (Apr. 19) Add Landstar System

Update 23 (Apr. 20) Add Convey Health Solutions and Clinton Health Access Initiative. And InvenSense. And MNP on behalf of its affiliate, General Fasteners Company. And Trinity Heating & Air, DBA Trinity Solar. And TMEIC.

Update 24 (April 22): Add DealerSocket Inc.

