It’s not clear from their notification how many employees were impacted and how the security incident occurred, but Pharm-Olam International started notifying employees by mail of a security incident that compromised their names, Social Security and income information: At Pharm-Olam International (the “Company”) we value you and respect the privacy of your information, which is…
Category: Phishing
PA: FBI investigates Main Line Health Spear Phishing Incident (UPDATED)
Another day, another successful phishing scheme. In late afternoon on March 1, 2016, Main Line Health learned of a “spear phishing” incident that affected the personal information of all Main Line Health employees. Main Line Health immediately alerted federal authorities, including the IRS and FBI, regarding this incident and is cooperating with their investigation. No…
Central Concrete Supply notifies employees of breach involving W-2’s
Another business discloses a breach that sounds like it might have been another business email compromise (impersonation) scam: We are writing to tell you about a data security incident that may have exposed some of your personal information as an employee of Central Concrete Supply Co., Inc., Right Away Redy Mix, Inc., or Rock Transport, Inc….
Snapchat “just impossibly sorry” after employee payroll data compromised in BEC scam
John Russell reports that a number of Snapchat’s current and former employees had their payroll information stolen after an employee fell for what has become a common attack known as BEC (Business Email Compromise). In BEC, a scammer poses as a corporate executive and sends an email requesting payroll or customer data. “Last Friday, Snapchat’s payroll department was targeted by an…
St. Joseph Hospital employee information leaked in phishing scam
News12 reports: A Passaic County hospital says that a security breach caused some personal information about some of its employees to get out. Saint Joseph’s Healthcare System in Paterson says that a phishing scam has led to the unintentional disclosure of employee information, including social security numbers. “The information disclosed did not include any employee…
Oregon man pleads guilty to “phishing” celebrity nude photos
AP reports: An Oregon man who accessed hundreds of email accounts and stole explicit photos of celebrities pleaded guilty Thursday to a felony hacking charge in Los Angeles. Andrew Helton of Astoria, Oregon, faces up to five years in prison after pleading guilty to stealing nude or explicit photos from 13 people, including some unidentified…