Add University of the Southwest to your list of those notifying current and former employees that their W-2 or payroll information was accessed without authorization from their vendor, Greenshades. But don’t jump to conclude that the fault is with Greenshades, because the tax filing vendor says the problem is not with them. Following up on previous breach…
Category: Phishing
Meanwhile, back at the phishing for W-2 department…
After 24 days of updating my scratch list of incidents involving phishing for W-2 information (business email compromise), I decided to take stock and try to organize what we have so far. I was surprised to see that there were already 90 incidents (make that 126 as of May 18th). Most of these entries were found…
FBI: $2.3 Billion Lost to CEO Email Scams
While I keep updating my leetle list of entities disclosing their employees’ W-2 data has been phished, Brian Krebs reports that the FBI has issued an alert: The U.S. Federal Bureau of Investigation (FBI) this week warned about a “dramatic” increase in so-called “CEO fraud,” e-mail scams in which the attacker spoofs a message from the boss…
Metropolitan Jewish Health System notifies members and patients of phishing incident
Notice Regarding Phishing Email Incident Metropolitan Jewish Health System, Inc. and its participating agencies and programs (including Menorah Home and Hospital for the Aged and Infirm d/b/a Menorah Center for Rehabilitation and Nursing Care; Metropolitan Jewish Home Care, Inc. d/b/a MJHS Home Care; MJHS Hospice and Palliative Care, Inc.; Institute for Applied Gerontology d/b/a MJHS…
Mattel nearly loses $3M to a phishing scam
Bryan Clark reports: A finance executive fell victim to a phishing scam that saw the Los Angeles-based maker of children’s toys wire a cool $3 million to Chinese hackers. Expertly timed during a period of corporate change, the email hit the inbox of the unnamed executive and requested a new vendor payment in the amount of…
Grand Ole Opry Parent Company Falls Victim to Phishing Scam
Today’s reminder that we’re not done with all the phishing that snagged employee W-2 data. Nashville’s Ryman Hospitality Properties has fallen victim to a fraudulent phishing scam that resulted in employees’ IRS W-2 information, which includes Social Security numbers, being disclosed externally, Billboard has learned. The company is parent to entertainment brands the Grand Ole Opry, Nashville’s historic Ryman Auditorium and legendary…