The Milwaukee Bucks Got Phished: Team Employee Released Tax, Personal Info To Email Scammer
The Milwaukee Bucks basketball players have become victims of a major security breach, and the technical sophistication of the breach is likely something your grandparents could handle. The franchise has confirmed that players’ 2015 IRS W-2 information, including names, addresses, Social Security numbers, income information and dates of birth were released via email to an unknown scammer.
What type of advanced cyber-criminal technique did the scammer use to gain access to this sensitive information?
- Step 1: Set up a fake email account.
- Step 2: Email the Bucks and ask for the information.
The scammer reportedly impersonated Bucks president Peter Feigin and requested the W-2 documents via email. The team said an employee replied to the email and provided the documents.
“We take this incident, and the privacy and security of our employees, very seriously,” the Bucks statement read. “We immediately launched an investigation which is aggressive and ongoing.”
The Bucks quickly notified the impacted players and are providing them with three years of credit monitoring and lifetime identity restoration services.
This type of scam, known as Phishing, may seem too simple to ever work, but CSO Online reports that more than 40 businesses fell victim to similar scams in Q1.
© 2016 Benzinga.com. Benzinga does not provide investment advice. All rights reserved.