Open in app

Sign in

Write

Sign in

LAZ Parking Data Breach

PhishTrain
2 min readApr 21, 2016

--

LAZ Parking has become the latest company who’s data has been breached by the string of W-2 phishing scams we’ve seen recently. In recent months companies such asCare.com, Applied Systems, Advance Auto Parts and many others have been effected by this same phishing attack.

LAZ Parking reported that the Social Security numbers, names, and home addresses of some of more than the 14,000 employees were stolen in the breach. The breach started when an employee received an email, allegedly from an executive, asking for some tax information for employees who worked at LAZ in 2015. The employee, who believed the email was authentic, replied with the requested data. Later that day, the request was brought to the attention of management and at that point the email was identified as fraudulent.

Just one week before the attack was reported publicly Connecticut Attorney General George Jepsen, Department of Revenue Services (DRS) Commissioner Kevin B. Sullivan and Department of Consumer Protection (DCP) Commissioner Jonathan A. Harris issued astatement. In their statement Jepsen says “Hardly a week goes by that my office doesn’t hear about a scheme where hackers or scam artists attempt to gain access to personal information such as Social Security numbers, credit card numbers, and bank accounts”. He goes on to urge consumers to review any tax related emails that look strange closely, and verify they are from a legitimate source before opening or clicking on any links”. The statement further suggests anyone who has been the victim of an internet based scam to file a complaint with the Internet Crime Complaint Center. Finally they say that If you are questioning the legitimacy of any communications received by the IRS you should contact them directly at 800–829–1040.

LAZ parking was by no means negligent in falling victim to this W-2 scam and nonetheless will be paying for identity fraud protection for their 14,000 employees for the next 2 years. Phishing attacks are nothing new, and the W-2 scam is just the latest tax scam. The best way to avoid phishing scams is to make sure your employees are aware of the threat, and remain vigilant in trying to prevent them form being successful. For more information about phishing scams, and how you can mitigate them contact us and we’ll see what we can do to help you prevent these attacks.

-Team PhishTrain

Security
Cybersecurity

--

--

PhishTrain

Written by PhishTrain

12 Followers

Stay up to date on all things phishing related! See what new updates we roll out too!

Help

Status

About

Careers

Press

Blog

Privacy

Terms

Text to speech

Teams