Two more colleges have reported breaches involving employee W-2 data.
I’m late picking the first one up, but it seems Allegheny College employees reported problems when filing taxes. On April 14, Angela Mauroni reported that at least 74 non-student employees of the Pennsylvania college had reported such problems.
The college believes the information was accessed through the hacking of Automatic Data Processing, Inc., according to an email sent out by Rick Holmgren, vice president for Information Services and Assessment, to all regular employees.
More specifically, Holmgren said the college suspects hackers accessed the information through ADP’s iPay program, which allows enrolled employees to access their paystubs, W-2s and Forms 1099 electronically.
Read more on The Campus. Ms. Mauroni does not seem to have contacted ADP to get a response to the suspected breach. DataBreaches.net e-mailed ADP to ask whether there had been any breach on their end, but received no response by publication time. This post will be updated as more information becomes available.
Earlier today, The Daily Republic reported that Solano Community College in California experienced a data breach involving employee W-2 data on April 28. The publication provides no details about the nature of the breach. Nor does the notice on the college’s web site, dated April 28. The notification letter makes clear, however, that this was another phishing-related incident:
We are contacting you because we have learned of a serious data security incident that occurred on the afternoon of April 28, 2016, and that involved some of your personal information. The breach involved external phishing which obtained Solano College 2015 W2 information. The information breached contained Social Security Numbers, Names, and Wage and Statutory Benefits information, such as State and Federal Tax, FICA, Medicare, Dependent Care, 403 (b), and 457 (b) amounts, and affected 1,206 current and former employees.