Wallace State Community College

Wallace State Community College

Personal and financial information of current and former employees of College has been accidentally leaked through a phishing scam.

An employee with the college released W-2 forms after receiving an email posing as someone with the college requesting the information.

W-2 forms are used to file for income tax returns, contain pertinent information, such as social security number, name, address, employer information, wage, etc.

The school did not discover the fraudulent request until two days later.

Source: https://www.selmatimesjournal.com/2018/02/24/cyber-criminals-target-wallace-employees/

TPRM report: https://scoringcyber.rankiteo.com/company/wallace-state-community-college

"id": "wal15406622",
"linkid": "wallace-state-community-college",
"type": "Data Leak",
"date": "02/2018",
"severity": "60",
"impact": "3",
"explanation": "Attack with significant impact with internal employee data leaks"
{'affected_entities': [{'industry': 'Education',
                        'name': 'College',
                        'type': 'Educational Institution'}],
 'attack_vector': 'Phishing',
 'data_breach': {'personally_identifiable_information': ['Social Security '
                                                         'Numbers',
                                                         'Names',
                                                         'Addresses'],
                 'sensitivity_of_data': 'High',
                 'type_of_data_compromised': ['W-2 forms',
                                              'Social Security Numbers',
                                              'Names',
                                              'Addresses',
                                              'Employer Information',
                                              'Wages']},
 'description': 'Personal and financial information of current and former '
                'employees of College has been accidentally leaked through a '
                'phishing scam. An employee with the college released W-2 '
                'forms after receiving an email posing as someone with the '
                'college requesting the information. W-2 forms are used to '
                'file for income tax returns, contain pertinent information, '
                'such as social security number, name, address, employer '
                'information, wage, etc. The school did not discover the '
                'fraudulent request until two days later.',
 'impact': {'data_compromised': ['W-2 forms',
                                 'Social Security Numbers',
                                 'Names',
                                 'Addresses',
                                 'Employer Information',
                                 'Wages']},
 'initial_access_broker': {'entry_point': 'Phishing Email',
                           'high_value_targets': ['W-2 Forms']},
 'post_incident_analysis': {'root_causes': 'Social Engineering Phishing Scam'},
 'title': 'Phishing Scam Leads to Accidental Leak of W-2 Forms at College',
 'type': 'Data Breach',
 'vulnerability_exploited': 'Social Engineering'}
Great! Next, complete checkout for full access to Rankiteo Blog.
Welcome back! You've successfully signed in.
You've successfully subscribed to Rankiteo Blog.
Success! Your account is fully activated, you now have access to all content.
Success! Your billing info has been updated.
Your billing was not updated.