SecuritySecurity Management

Seagate Employees’ Personal Data Pinched In Phishing Attack

Ben covers web and technology giants such as Google, Amazon, and Microsoft and their impact on the cloud computing industry, whilst also writing about data centre players and their increasing importance in Europe. He also covers future technologies such as drones, aerospace, science, and the effect of technology on the environment.

Follow on:
Google + Linkedin Subscribe to our newsletter Write a comment

Plenty more phish in the Sea-gate: Employee tricked by fake email from CEO asking for W-2 forms of ‘thousands’ of past and present Seagate workers

Seagate employees in the US have had their social security numbers, salaries, work and home addresses, and other data stolen in a phishing attack.

An employee, most likely high up in the chain of command in HR at the company, was duped by a bogus email requesting W-2 forms of Seagate employees.

CEO imposter

seagateOn March 1, the conned employee acquiesced the request for W-2 forms in an email purportedly from CEO Stephen Luczo, who said he wanted the data for current and past Seagate employees.

The exposed data could lead to some sticky tax fraud problems for said employees, but the firm is assuring workers that it has no information to suggest their data has been misused…yet.

“On March 1, 2016, Seagate Technology learned that the 2015 W-2 tax form information for current and former US-based employees was sent to an unauthorized third party in response to a phishing email scam,” a company spokesperson said.

“At this point we have no information to suggest that employee data has been misused, but caution and vigilance are in order. We deeply regret this mistake and we offer our sincerest apologies to everyone affected.”

Seagate spokesperson Eric DeRitis told security reporter Brian Krebs, who first learned of the breach from an employee, that the Internal Revenue Service (IRS) and federal authorities were notified immediately.

“When we learned about it, we immediately notified federal authorities who are now actively investigating it. We deeply regret this mistake and we offer our sincerest apologies to everyone affected. Seagate is aggressively analyzing where process changes are needed and we will implement those changes as quickly as we can,” DeRitis told Krebs.

DeRitis claims that less than 10,000 employees were affected, but the figure still stands at “several thousand”.

Take our data breaches of 2015 quiz here!