SEAGATE TECHNOLOGY has shown the world that anyone can be taken in by a phishing attack, even one of the world's biggest storage manufacturers.
A false move by a single employee led to the exposure of thousands of employees' tax codes.
The scam was specifically aimed at HR and finance personnel and worked by spoofing an email from the CEO demanding the entire payroll's W2 (tax) forms.
Seagate has declined to give an exact figure, but said that it is four figures not five because, you know, that's better.
The company has offered identity theft protection for two years to all affected employees, but that won't protect them from the real prize: tax refunds.
The reason that the little tykes went after the W2 forms is that they contain all the information needed to apply for a tax refund in a false name and pick up a tidy bit of cash.
Seagate said in a statement: "The information sent was for anyone employed here during tax year 2015 only. The information was sent by an employee who believed the phishing email was a legitimate internal company request.
"When we learned of the incident, we immediately notified the IRS which is now actively investigating along with federal law enforcement. The IRS has also informed us they have added extra scrutiny to our employees’ accounts in order to prevent fraudulent tax returns being processed.
"At this point we have no information to suggest that employee data has been misused, but caution and vigilance are in order. We deeply regret this mistake and we offer our sincerest apologies to everyone affected. Seagate is aggressively analysing where process changes are needed and we will implement those changes as quickly as we can."
Seagate isn't the first company to be caught out this way and won't be the last. Snapchat employee data was leaked at the end of last month after a similar scam. It is not known how many dinkle pics were exposed.
News of the phishing trend started to emerge at the beginning of the year but, as this incident proves, it can happen to anyone. µ
To hear more about security challenges, the threats they pose and how to combat them, sign up for The INQUIRER sister site Computing's Enterprise Security and Risk Management conference, taking place on 24 November.
The other Google news of the week
Everyone clear the Aria!
And it's Samsung's thinnest and lightest tablet yet