Snapchat has said that it is “impossibly sorry” after a data leak exposed payroll information for some of its current and former employees, reports the Guardian.
The company was the victim of a common phishing scam, centered around an email that purported to have been sent by Snapchat’s chief executive Evan Spiegel. The email asked staff to share confidential payroll information, but the scam went undetected by the company’s employees.
“Needless to say, we responded swiftly and aggressively,” said Snapchat in a company blog. “Within four hours of this incident, we confirmed that the phishing attack was an isolated incident and reported it to the FBI.”
The company’s statement made sure to stress that no user data was included in the leak, but ensured the public that it will be taking measures to redouble its “already vigorous training programs” around privacy and security in the coming weeks. It will also be offering the affected employees compensation for the loss of data.
“We began sorting through which employees – current and past – may have been affected,” continues the blog. “We have since contacted the affected employees and have offered them two years of free identity-theft insurance and monitoring.”
Although embarrassing for Snapchat, the company will consider itself lucky that the incident did not affect its users. As recently as last month, We Live Security reported how up to 320,000 Time Warner customers may have had passwords and email addresses stolen as a result of a phishing attack.
Email phishing attacks can be hugely damaging (and costly) for businesses, but the attacks themselves are often basic and avoidable. Read our phishing guide to learn more about this kind of attack, and for five easy tips for avoiding these scams yourself watch the video below.
by Kyle Ellison, ESET