Another day, another phishing for W-2 incident. WFRV reports that Mercury Marine issued a press release today stating that its parent company, Brunswick Corporation, had been a victim of an email phishing scam. Brunswick, who had more than 13,000 employees globally in 2015, issued the following statement today: Brunswick Corporation today reported it has been the victim of an email phishing incident…
Category: Phishing
Payroll vendor employee falls for phishing scam, all clients’ W-2 data involved
It is bad enough when an employee falls for a phishing scheme that exposes fellow employees’ W-2 information. It is downright painful when an employee of a payroll services vendor falls for a scam and emails every clients’ W-2 data to criminals. Sadly, that is what happened to Alpha Payroll Services LLC. Read my story on Daily Dot.
Thousands of taxpayers affected by W-2 Phishing attacks this year
Salted Hash reports: In the first quarter of 2016, at least 41 organizations were victimized by BEC attacks, but that number is closer to 70 when additional disclosures are counted. Some organizations were successfully hit earlier in the year, but only just recently discovered the problem, delaying notification. Read more on Salted Hash. The numbers are…
Two more colleges report compromise of employee W-2 info
Two more colleges have reported breaches involving employee W-2 data. I’m late picking the first one up, but it seems Allegheny College employees reported problems when filing taxes. On April 14, Angela Mauroni reported that at least 74 non-student employees of the Pennsylvania college had reported such problems. The college believes the information was accessed through the hacking…
Federal contractor with cybersecurity ties notifies employees after W-2 info acquired by targeted phishing
I’ve continued to add entities to my list of firms or entities where employee W-2 information was successfully phished by emails purporting to be from an entity’s executive. One notification I read this morning made me cringe because the firm that was successfully phished has contracts with the government involving mission critical systems for U.S. and coalition…
Another Greenshades client discloses breach of employee info
Add University of the Southwest to your list of those notifying current and former employees that their W-2 or payroll information was accessed without authorization from their vendor, Greenshades. But don’t jump to conclude that the fault is with Greenshades, because the tax filing vendor says the problem is not with them. Following up on previous breach…