Phishing scam yields hackers 7,700 school employee W2's
An email phishing scheme perpetrated against the School District of Manatee County resulted in the names, addresses, wages and Social Security numbers of more than 7,700 school employees being handed over to hackers.
On Monday afternoon, Ron Ciranna, the district’s deputy superintendent of business services and operations, held a press conference to answer questions about the cyberattack reported Friday evening.
Ciranna said the hackers obtained the W2’s of everyone who worked for the school district in 2016 when a school district payroll employee provided the information to the hackers, responding to a fraudulent email that appeared to have been sent by Superintendent Diana Greene.
We do want to make clear the school district was the victim of a criminal act.
- Ron Ciranna, the district’s Deputy Superintendent of Business Services and Operations
The employee provided the information on Jan. 26, and Ciranna learned of the breach on Friday.
“We are not here to find fault or put blame on any district employees,” Ciranna said. “We do want to make clear the school district was the victim of a criminal act.”
The email to the payroll employee states: “Forward all schools employees 2016 W2 forms to me attached and sent in PDF, I will like to have them as soon as possible for board review. Thanks”
Ciranna said the school district had not ruled out discipline for the employee who provided the information.
Just last week, the IRS released a warning about this particular scam, which made the rounds last year as well. According to the IRS, cyber criminals are targeting schools and nonprofits this year.
This is one of the most dangerous email phishing scams we’ve seen in a long time. It can result in the large-scale theft of sensitive data that criminals can use to commit various crimes, including filing fraudulent tax returns.
- IRS Commissioner John Koskinen
“This is one of the most dangerous email phishing scams we’ve seen in a long time. It can result in the large-scale theft of sensitive data that criminals can use to commit various crimes, including filing fraudulent tax returns. We need everyone’s help to turn the tide against this scheme,’’ said IRS Commissioner John Koskinen.
Ciranna said the school district immediately began working with its insurance company to determine what coverage was available for district employees, and on Monday the district entered into a contract that provides each employee with services from AllClear ID Network.
AllClear can help employees monitor how their personal data is being used. If any new accounts are opened in their name, AllClear will contact them by phone, district spokesman Mike Barber said.
You can dig a moat and pull up the drawbridge. But if someone opens the door it doesn't matter what you have outside.
- Board chairman Charlie Kennedy
Board chairman Charlie Kennedy said it is essential for the district to train its employees not to fall for email phishing schemes because just one employee can counteract all other cyber security safeguards.
“You can dig a moat and pull up the drawbridge,” Kennedy said. “But if someone opens the door, it doesn't matter what you have outside.”