This week, US military contractor, Northrop Grumman Corporation, reported a cyber attack that exposed its employees’ W-2 tax records. According to a letter sent to all employees, as well as the California Attorney General, the cybercriminals have breached the company’s network several times throughout the course of nearly a year. They not only accessed tax return credentials, but also each employee’s personal contact information.
“The personal information that may have been accessed includes your name, address, work email address, work phone number, Social Security number, employer identification number, and wage and tax information, as well as any personal phone number, personal email address, or answers to customized security questions that you may have entered on the W-2 online portal,” the company’s letter read.
Evidence suggests that the breach may have come from an employee’s stolen login information—most likely through a simple spear phishing campaign. With so much lost due to one mistaken click of the mouse, it’s clear that high security measures should be in place for companies of all sizes.
Don’t wait to become a victim of these hack attacks. Sign up for a complete security consultation or staff security awareness training to prevent your employees from becoming victims of these kinds of scams.