Snapchat employee payroll data leaked

In a blog post on Sunday, Snapchat executives revealed that the payroll data of some current and former employees was exposed as the result of a scam e-mail sent to a human resources employee at the company.

“The good news is that our servers were not breached, and our users’ data was totally unaffected by this,” a company spokesperson said in the post. “The bad news is that a number of our employees have now had their identity compromised. And for that, we’re just impossibly sorry.”

On February 26, an employee in Snapchat’s payroll department received a “spear phishing” e-mail that appeared to be from Snapchat CEO Evan Spiegel—but that came from an external e-mail address. The message requested employee payroll information. The individual targeted didn’t recognize the message as a scam, and they forwarded the requested information.

“Within four hours of this incident, we confirmed that the phishing attack was an isolated incident and reported it to the FBI,” the Snapchat spokesperson reported in the blog post. “We began sorting through which employees—current and past—may have been affected. And we have since contacted the affected employees and have offered them two years of free identity-theft insurance and monitoring.”

This sort of phishing attack, sometimes referred to as a “whaling” attack (one aimed at a high-value individual within a company), has been on the rise recently. The trend has been linked in part to Nigerian-based financial fraud: e-mails crafted to look like they come from a company executive, such as the chief financial officer, direct finance employees to wire money to an account for an urgent deal or invoice payment, after which the money is quickly withdrawn. These attacks are often made easier by the use of sites such as LinkedIn to gather intelligence about which employees might have access to the desired information or to company funds.

But leaks like the Snapchat payroll data, sent out through the company’s own e-mail system, are the kind most easily blocked by e-mail filtering and data loss prevention (DLP) tools. DLP tools can look for patterns indicative of Social Security numbers and other personally identifiable information and either block the message under policy or at least alert the user that the data is about to leave the company before allowing it to be sent.
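As an added illustration (not code from the article or from Snapchat), the two controls described above can be sketched in a few lines: an inbound check that flags a message whose display name matches an executive while the sending address is outside the company domain, and an outbound DLP check that blocks SSN-shaped data addressed to external recipients. The domain `example.com`, the executive name list and the sample messages are constructed assumptions.

```python
import re
from dataclasses import dataclass

# Constructed policy values (assumptions for this example, not from the article).
INTERNAL_DOMAIN = "example.com"
EXECUTIVE_NAMES = {"evan spiegel"}

# SSN-shaped pattern NNN-NN-NNNN; the lookaheads reject structurally invalid
# area (000, 666, 9xx), group (00) and serial (0000) fields to cut false positives.
SSN_RE = re.compile(r"\b(?!000|666|9\d\d)\d{3}-(?!00)\d{2}-(?!0000)\d{4}\b")


@dataclass
class Message:
    from_name: str
    from_addr: str
    to_addrs: list
    body: str


def domain_of(addr: str) -> str:
    return addr.rsplit("@", 1)[-1].lower()


def inbound_verdict(msg: Message) -> str:
    """Executive display name on a message from an external domain is the
    tell-tale shape of the spoofed-CEO e-mail; surface it for review."""
    if msg.from_name.strip().lower() in EXECUTIVE_NAMES and domain_of(msg.from_addr) != INTERNAL_DOMAIN:
        return "flag"
    return "allow"


def outbound_verdict(msg: Message) -> str:
    """DLP policy: SSN-like data to any external recipient is blocked;
    SSN-like data staying internal only raises an alert to the sender."""
    has_pii = bool(SSN_RE.search(msg.body))
    goes_external = any(domain_of(a) != INTERNAL_DOMAIN for a in msg.to_addrs)
    if has_pii and goes_external:
        return "block"
    if has_pii:
        return "alert"
    return "allow"


if __name__ == "__main__":
    # Constructed sample: spoofed executive request, then the reply carrying payroll data.
    request = Message("Evan Spiegel", "ceo@mail-external.net", ["payroll@example.com"], "Send me the W-2 data.")
    reply = Message("Payroll", "payroll@example.com", ["ceo@mail-external.net"], "Jane Doe 123-45-6789")
    print(inbound_verdict(request), outbound_verdict(reply))
```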

 

SOURCE: Sean Gallagher | Ars Technica
