How embarrassing would it be to have a firm named OpSec Security that advertises it’s “trusted by over 400 companies and 50 government agencies” – and then it falls for a phishing scheme?
Tim Stuhldreher reports:
In the wake of a data breach, an anti-counterfeiting company with local sales and manufacturing operations is advising its employees to be on the alert for identity theft, according to correspondence obtained by LNP.
In early March, “hackers accessed an email containing an attachment which included 2015 W-2 tax forms for all salaried and hourly employees, including some former employees,” reads an email sent to people working for OpSec Security.
Read more on Lancaster Online.
this smells like password re-use.
Maybe, but “It also advised employees not to share sensitive personnel information through email.” suggested to me that an employee got phished/BEC.