Seagate, the popular electronics maker, is now the focus of a class-action lawsuit which was filed in July. The lawsuit accuses Seagate of malpractice and a lack of regard for its employees.
In March 2016, the company fell for a phishing scam which led to the W-2 forms and a wealth of sensitive personal data falling into the wrong hands, including the data of every current and past employee. The damage potential is quite concerning, since the perpetrators can essentially use this data to commit identity fraud.
Pretending to be Stephen Luczo, Seagate’s CEO, the scammers targeted the company’s HR department, where an unsuspecting individual willingly handed over the sensitive data.
It is estimated that around 10,000 people were compromised by the phishing scam. Currently, the perpetrators remain anonymous. Still, a number of fraudulent tax reports have been filed, meaning that the employees have already sustained a fair share of damage.
The damage done goes beyond that of the employees, because their spouses and family members were also affected by the scam. At the given moment, no-one can accurately predict what the perpetrators will do with the accumulated data. In any case, the victims will be facing a lifetime of increased identity theft risk.
Seagate’s chief financial security officer has already taken responsibility for the incident, citing human error and a lack of vigilance as the reasons behind it.