Yet more phishing-based compromises involving W-2 tax statement data (Update-24)
(Note: the following is not a complete list… it’s just a list I started after the first few posts on this topic suggested that there would be a lot more. See the “phishing” category of this site for earlier entries this year.)
Reports continue to come in to state attorneys general involving the successful spear phishing of employees’ W-2 information. Here are just three more reports I saw today, with links to their reports.
- Care.com (and its subsidiaries).
- Matrix NAC and Matrix Service Company
- Applied Systems
Update of Mar. 16: Add to the above the following firms whose employee W-2 data was also successfully phished recently:
- Mitchell International.
- PerkinElmer (also reported to NH)
- Advance Auto Parts
- Sequoia Union High School District
And of course, in other coverage today, I had noted the LAZ Parking. And Brian Krebs reported on MoneyTree.
And these are just some of all the successful phishing attacks in the past month noted on this site. Search the “phishing” category for more.
Maybe you should just bookmark this page for a while….
Update 2: Add eClinical Works.
Update 3 (Mar. 19): Add Springfield City Utilities, Missouri.
Update 4 (Mar. 21): Add ConvaTec
Update 5 (Mar. 22): Add Sprouts (21,000 at risk) and Lanyon Solutions.
Update 6 (Mar. 23) Add CareCentrix and Dynamic Aviation and Netcracker Technology… and Information Resources
Update 7 (Mar. 24) Brian Krebs identifies some additional firms in this post. Also, a reader emailed me that he received a letter yesterday dated March 19 from his former employer. Certain US employees’ 2015 W2 forms were exposed on March 1, 2016, and the breach was discovered on March 9. The breached entity, he says, was Kantar Group (the parent company to TNS, The Futures Co., Millward Brown, and AddedValue). Later today, we learned that Lamps Plus/Pacific Coast Lighting also had employee W-2 data compromised by phishing.
Update 8 (Mar. 25). Add ASPIRAnet and Tidewater Community College. And Pivotal
Update 9 (Mar. 29) Add Ryman Hospitality Properties and Kentucky State University and various Maine school districts. Then there was ARC International.
Update 10 (Mar. 30) Add Champlain Oil.
Update 11 (Apr. 3) Add Weight Watchers, Intl.
Update 12 (Apr. 4) Add City of Plainfield, NJ (reported on CBS News this morning). Also, Bowdoin College was impacted by the Maine school district incident, mentioned previously, at Brunswick School District.
Update 13 (Apr. 5) Add IASIS and Universal Service Administrative Company.
Update 14 (Apr. 7) Add Proskauer Rose and Clay County Medical Center (?) and Ash Brokerage Corp. And Hutchison Community College.
Update 15 (Apr. 11) Add Bristol Farms and Wynden Stark, dba GQR Global Markets/City Internships.
Update 16 (Apr. 12) Add Asure Software and Dixie Group and MNP and Management Health Systems d/b/a MedPro Healthcare Staffing and Silicon Laboratories.
Update 17 (Apr. 13) Add Meeting Street School and Rockhurst University. And Olympia School District. And Academy of Art Institute.
Update 18 (Apr. 14) Add Girl Scouts of Gulf Coast Florida.
Update 19 (Apr. 15) Add Town of Essex, VT and Washington Elementary School District (AZ).
Update 20 (Apr. 17) Add BackOffice Associates and Morongo Casino (who also disclosed a leak of personal data of some rewards club guests to 19 other guests).
Update 21 (Apr. 18) Add EMSI.
Update 22 (Apr. 19) Add Landstar System
Update 23 (Apr. 20) Add Convey Health Solutions and Clinton Health Access Initiative. And InvenSense. And MNP on behalf of its affiliate, General Fasteners Company. And Trinity Heating & Air, DBA Trinity Solar. And TMEIC.
Update 24 (April 22): Add DealerSocket Inc.