Flexible Benefit Service LLC (Flex)

Some phishing emails are being sent from a Flex employee’s email account.

The Flex employee was the victim of a phishing attack that resulted in their email account credentials being used by unknown individuals to gain unauthorized access to the employee’s email account.

The unknown individual(s) searched the email account for emails or attachments containing terms such as “wire transfer,” “wire payment,” and “invoice”.

This type of information would not generally be in this employee’s email account.

The data compromised included data types such as name, address, phone number, Social Security number, and date of birth.

Source: https://www.databreaches.net/flexible-benefit-service-corporation-notifies-5123-of-phishing-incident/

"id": "FLE151411622",
"linkid": "flexible-benefit-service-llc",
"type": "Data Leak",
"date": "03/2018",
"severity": "60",
"impact": "3",
"explanation": "Attack with significant impact with internal employee data leaks"