Two more colleges have reported breaches involving employee W-2 data. I’m late picking the first one up, but it seems Allegheny College employees reported problems when filing taxes. On April 14, Angela Mauroni reported that at least 74 non-student employees of the Pennsylvania college had reported such problems. The college believes the information was accessed through the hacking…
Category: Phishing
Federal contractor with cybersecurity ties notifies employees after W-2 info acquired by targeted phishing
I’ve continued to add entities to my list of firms or entities where employee W-2 information was successfully phished by emails purporting to be from an entity’s executive. One notification I read this morning made me cringe because the firm that was successfully phished has contracts with the government involving mission critical systems for U.S. and coalition…
Another Greenshades client discloses breach of employee info
Add University of the Southwest to your list of those notifying current and former employees that their W-2 or payroll information was accessed without authorization from their vendor, Greenshades. But don’t jump to conclude that the fault is with Greenshades, because the tax filing vendor says the problem is not with them. Following up on previous breach…
Meanwhile, back at the phishing for W-2 department…
After 24 days of updating my scratch list of incidents involving phishing for W-2 information (business email compromise), I decided to take stock and try to organize what we have so far. I was surprised to see that there were already 90 incidents (make that 126 as of May 18th). Most of these entries were found…
FBI: $2.3 Billion Lost to CEO Email Scams
While I keep updating my leetle list of entities disclosing their employees’ W-2 data has been phished, Brian Krebs reports that the FBI has issued an alert: The U.S. Federal Bureau of Investigation (FBI) this week warned about a “dramatic” increase in so-called “CEO fraud,” e-mail scams in which the attacker spoofs a message from the boss…
Metropolitan Jewish Health System notifies members and patients of phishing incident
Notice Regarding Phishing Email Incident Metropolitan Jewish Health System, Inc. and its participating agencies and programs (including Menorah Home and Hospital for the Aged and Infirm d/b/a Menorah Center for Rehabilitation and Nursing Care; Metropolitan Jewish Home Care, Inc. d/b/a MJHS Home Care; MJHS Hospice and Palliative Care, Inc.; Institute for Applied Gerontology d/b/a MJHS…