SafeUM
Home Blog Services Download Help About Recharge

Axarhöfði 14, 110 Reykjavik, Iceland

Iceland - 2015
SafeUM
Blog
Services
Download
Help
About
Recharge
Menu
Archive
TOP Security!
2 Mar 2016

Snapchat leaks employee pay data after CEO email scam

In a blog post on Sunday, Snapchat executives revealed that the payroll data of some current and former employees was exposed as the result of a scam e-mail sent to a human resources employee at the company.

"The good news is that our servers were not breached, and our users’ data was totally unaffected by this," a company spokesperson said in the post. "The bad news is that a number of our employees have now had their identity compromised. And for that, we’re just impossibly sorry."

On February 26, an employee in Snapchat's payroll department received a "spear phishing" e-mail that appeared to be from Snapchat CEO Evan Spiegel — but that came from an external e-mail address. The message requested employee payroll information. The individual targeted didn't recognize the message as a scam, and they forwarded the requested information.

"Within four hours of this incident, we confirmed that the phishing attack was an isolated incident and reported it to the FBI," the Snapchat spokesperson reported in the blog post. "We began sorting through which employees — current and past — may have been affected. And we have since contacted the affected employees and have offered them two years of free identity-theft insurance and monitoring."

This sort of phishing attack, sometimes referred to as a "whaling" attack (targeting a high-value target within a company), has been on the rise recently. The trend has been linked partially to Nigerian-based financial fraud — e-mails crafted to look like they are from a company executive, such as a chief financial officer, direct finance employees to wire money to an account for an urgent deal or invoice payment, and then the money is quickly withdrawn. These attacks are often made easier through the use of sites such as LinkedIn to gather intelligence about employees that might have access to desired information or have access to company funds.

But leaks like the Snapchat payroll data — sent from the company e-mail system — are the type that are usually most easily blocked by e-mail filtering and data loss prevention tools. DLP tools can look for patterns indicative of social security numbers and other personally identifiable information and block the message based on policies or at least alert the user that the data is being sent outside the company before allowing it to happen.

Tags:
Snapchat information leaks
Source:
Ars Technica
2071
Other NEWS
3 Jul 2020 safeum news imgage An encrypted messaging service has been infiltrated by police
4 May 2020 safeum news imgage Two-Factor Authentication ​What Is It and Why You Should Use It
12 Dec 2019 safeum news imgage Encryption is under threat - this is how it affects you
4 Nov 2019 safeum news imgage Should Big Decisions Be Based on Data or Your Intuition?
7 Jun 2018 safeum news imgage VPNFilter malware infecting 500,000 devices is worse than we thought
4 Jun 2018 safeum news imgage Hackers target Booking.com in criminal bid to steal hundreds of thousands from customers
1 Jun 2018 safeum news imgage Operator of World's Top Internet Hub Sues German Spy Agency
30 May 2018 safeum news imgage US says North Korea behind malware attacks
29 May 2018 safeum news imgage Facebook and Google targeted as first GDPR complaints filed
25 May 2018 safeum news imgage A new reason to not buy these cheap Android devices
24 May 2018 safeum news imgage Flaws in smart pet devices, apps could come back to bite owners
23 May 2018 safeum news imgage Google sued for 'clandestine tracking' of 4.4m UK iPhone users' browsing data
21 May 2018 safeum news imgage LocationSmart reportedly leaked phone location data onto the web
18 May 2018 safeum news imgage The SEC created its own scammy ICO to teach investors a lesson
17 May 2018 safeum news imgage Thieves suck millions out of Mexican banks in transfer heist
All news
SafeUM
Confidential Terms of Use Our technologies Company
Follow us
Download
SafeUM © Safe Universal Messenger

Axarhöfði 14,
110 Reykjavik, Iceland

Iceland - 2015