SevOne was hit this week by a phishing scheme that exposed tax records of employees.
DelawareOnline.com obtained an internal SevOne memo that informed employees of the attack and the release of tax information-related information to an unauthorized party.
Phishing is a simple fraud scam that attempts to obtain financial or other information via an official-looking Email.
Most users see such attempts frequently in the form of fraudsters copying and pasting bank logos and sending an Email with a link to a fraudulent site. The logo of the Internal Revenue Service, which never attempts to obtain information online is widely used.
The IRS has warned employers about the use of what is known as “spear phishing” a version of the scam that is aimed at staffers handling financial information.
The sophistication of phishing documents has improved and with many workers receiving a lot of internal Emails messages the risks of a breach can be high.
On the consumer level, as more and more people transact business online, legitimate late payment notices are beginning to pop up in Emails, adding further confusion.
In most cases, simply looking at the return email address will confirm whether the Email is fraudulent.
The disclosure of the attack via the memo obtained by DelawareOnLine may have been an outgrowth of layoffs at the fast-growing company, which has an operations and innovation center at the University of Delaware’s STAR campus in Newark.
The layoffs affected less than 10 percent of the employees at the company that got its start in Newark and last year moved its headquarters to Boston.
The center in Newark was opened with great fanfare late last year and features employee- friendly amenities that include dining options, games for break times, and a slide between the first and second floors.
As has been the case in cyberattacks at other employers, SevOne will provide free credit monitoring services, the internal memo noted.
SevOne officials declined to comment further on the incident and pointed to the material outlined in the document.
SevOne monitors the health of corporate computer systems through hardware and software. It has employment centers in Delaware, Philadelphia, the Boston area, and Eastern Europe.
