[BreachExchange] Northrop Grumman can make a stealth bomber – but can't protect its workers' W-2 tax forms

Audrey McNeil audrey at riskbasedsecurity.com
Mon Apr 24 18:48:46 EDT 2017


https://www.theregister.co.uk/2017/04/24/northrop_grumman_breach_worker_w2s/

Northrop Grumman has admitted its Equifax-powered internal portal was
hacked, exposing employees' sensitive tax records to miscreants.

In a letter [PDF] to workers and the California Attorney General's office,
the aerospace contractor said that between April 18, 2016 and March 29,
2017, crooks infiltrated the website, allowing them to access staffers' W-2
paperwork for the 2016 tax year.

These W-2 forms can be used by identity thieves to claim tax rebates owed
to employees, allowing the crims to pocket victims' money. The corp sent
out its warning letters on April 18, the last day to file 2016 tax returns.

"The personal information that may have been accessed includes your name,
address, work email address, work phone number, Social Security number,
employer identification number, and wage and tax information, as well as
any personal phone number, personal email address, or answers to customized
security questions that you may have entered on the W-2 online portal," the
contractor told its employees.

The Stealth Bomber maker says it will provide all of the exposed workers
with three years of free identity-theft monitoring services. Northrop
Grumman has also disabled access to the W-2 portal through any method other
than its internal single sign-on tool.

We're told it was not the aerospace giant itself that was directly
breached, but rather the outfit it farmed out the paperwork processing to:
Equifax Workforce Solutions. "Promptly after confirming the incident, we
worked with Equifax to determine the details of the issue," Northrop told
its teams.

"Northrop Grumman and Equifax are coordinating with law enforcement
authorities to assist them in their investigation of recent incidents
involving unauthorized actors gaining access to individuals’ personal
information through the W-2 online portal."

A spokesperson for Equifax was not available for immediate comment. The
credit-rating giant was ransacked in 2016, during which other customers
also had their employees' tax information compromised.