Snapchat has issued an apology to its staff after a hacker accessed payroll information for existing and ex-employees. The hacker posed as Snapchat’s CEO Evan Spiegel and asked the employee for payroll information.
Within four hours, Snapchat confirmed that the phishing attack was an isolated incident and reported it to the FBI. The company has also contacted the affected employees and offered them two years of free identity-theft insurance and monitoring.
Luckily, Snapchat user details were not breached. No user data was accessed. In a public apology to its employees, Team Snapchat says: “We’re a company that takes privacy and security seriously. So it’s with real remorse–and embarrassment–that one of our employees fell for a phishing scam and revealed some payroll information about our employees.
“The good news is that our servers were not breached, and our users’ data was totally unaffected by this. The bad news is that a number of our employees have now had their identity compromised. And for that, we’re just impossibly sorry.
“Last Friday, Snapchat’s payroll department was targeted by an isolated email phishing scam in which a scammer impersonated our Chief Executive Officer and asked for employee payroll information. Unfortunately, the phishing email wasn’t recognized for what it was–a scam–and payroll information about some current and former employees was disclosed externally. To be perfectly clear though: None of our internal systems were breached, and no user information was accessed.”
Phishing is one of the most popular scams for obtaining company and employee data. PwC’s 2014 Information Security Breaches report reveals that 57 per cent of large organisations and 16 per cent of small organisations were attacked by unauthorised outsiders trying to impersonate organisations over the Internet.