While I’ve been busy tracking W-2 phishing scams, let’s not lose sight of the fact that there are other ways for criminals to obtain W-2 or tax information, and that human error continues to turn assets into low-hanging fruit.
Interpreters Unlimited recently notified the Vermont Attorney General’s Office that the contents of an employee’s backup device were “inadvertently made available on a public web site.” The contents included 1099 tax form information for an undisclosed number of contractors/others.
The notification does not indicate for how long the data were exposed before discovery, nor the results of the third-party forensics investigation, which was ongoing at the time of their March 10 notification letter.