Milwaukee Bucks Newest Sports Phish Victim
Last month, Laremy Tunsil made headlines for being hacked on the night of the NFL Draft. A video depicting the first-round draft pick smoking illegal substances caught fire on the Internet and severely hindered his standings in the draft.
Just this week, a new sports phish came to be. This time, the Milwaukee Bucks NBA team fell victim to the simple form of infiltration. After having a terrible year finishing below .500 and missing the playoffs, a phishing attack was the last thing the offices of the Bucks needed.
The recent W-2 phishing scam, that has targeted numerous other businesses, was the one that unfortunately targeted the Bucks team. These 2015 transcripts were released by an employee of the team after receiving an email looking as if it were coming from the president of the Milwaukee team, Peter Feigin. A mishandling of such confidential information could be trouble for the finances and security of NBA players and staff who were all affected by the attack. Information including social security numbers, birth records, and private contracts were all handed over to the hacker posing as Feigin. The Bucks took proper measure and quickly reported the phishing scam to both the FBI and IRS. While it can be considered successful that the Bucks discovered and reported the problem, the original attacks was said to have been launched in April. This puts that basketball franchise as having gone over a month without realizing that such sensitive information has been lost. On average, companies take about six months to detect a data breach that could be wreaking havoc on a seemingly secure network.
Additionally, the Bucks are providing both players and staff alike with training to avoid phishing and add awareness to susceptible people within the organization. A spokesperson for the team said, “We believe this incident arose as a result of human error, and are providing additional privacy training to our staff and implementing additional preventative measures,” in an official statement from the team.
The W-2 scam is very popular among hackers recently and has been targeting a multitude of organizations. The Milwaukee Bucks are the first sports franchise to publicly announce falling victim to the breach. Be aware to possible posers asking for sensitive records and always double check the integrity of all emails before responding and interacting to them.
-Team PhishTrain
