cyber Breach

Entergy

May 8, 2023 1 min read
Entergy

TALX is working with Entergy to notify former and current Entergy employees whose 2016 W-2 data have been acquired by criminals from the TALX portal.

An unauthorized third party gained access to the accounts.

It was done primarily by successfully answering personal questions about the affected employees in order to reset the employees’ PINS.

It gave unauthorized access to certain Entergy employees’ online portal accounts and electronic W-2 tax forms for the tax year 2016 or earlier.

TALX has arranged for two years of complimentary restoration and assistance help for affected Entergy employees.

Source: https://www.databreaches.net/entergy-notifies-employees-of-w-2-breach-involving-talx-portal/

TPRM report: https://scoringcyber.rankiteo.com/company/entergy

"id": "ent18198622",
"linkid": "entergy",
"type": "Data Leak",
"date": "02/2018",
"severity": "60",
"impact": "3",
"explanation": "Attack with significant impact with internal employee data leaks"
{'affected_entities': [{'industry': 'Energy',
                        'name': 'Entergy',
                        'type': 'Company'}],
 'attack_vector': 'Account Compromise',
 'data_breach': {'data_exfiltration': ['Yes'],
                 'file_types_exposed': ['W-2 forms'],
                 'personally_identifiable_information': ['Yes'],
                 'sensitivity_of_data': ['High'],
                 'type_of_data_compromised': ['W-2 tax forms']},
 'description': 'TALX is working with Entergy to notify former and current '
                'Entergy employees whose 2016 W-2 data have been acquired by '
                'criminals from the TALX portal. An unauthorized third party '
                'gained access to the accounts primarily by successfully '
                'answering personal questions about the affected employees in '
                'order to reset the employees’ PINS. It gave unauthorized '
                'access to certain Entergy employees’ online portal accounts '
                'and electronic W-2 tax forms for the tax year 2016 or '
                'earlier. TALX has arranged for two years of complimentary '
                'restoration and assistance help for affected Entergy '
                'employees.',
 'impact': {'data_compromised': ['Employee W-2 data'],
            'identity_theft_risk': ['High'],
            'systems_affected': ['TALX portal']},
 'initial_access_broker': {'entry_point': 'PIN reset security questions'},
 'motivation': 'Data Theft',
 'post_incident_analysis': {'root_causes': 'Weak PIN reset security questions'},
 'response': {'communication_strategy': ['Notification to affected employees'],
              'remediation_measures': ['Two years of complimentary restoration '
                                       'and assistance help'],
              'third_party_assistance': ['TALX']},
 'threat_actor': 'Unauthorized third party',
 'title': 'TALX Data Breach Affecting Entergy Employees',
 'type': 'Data Breach',
 'vulnerability_exploited': 'Weak PIN reset security questions'}
Published by
Jeremy C
Jeremy C
You might also like
Great! Next, complete checkout for full access to Rankiteo Blog.
Welcome back! You've successfully signed in.
You've successfully subscribed to Rankiteo Blog.
Success! Your account is fully activated, you now have access to all content.
Success! Your billing info has been updated.
Your billing was not updated.