SnapChat Employee Hacked — Crucial SnapChat Employee Payroll Details Stolen after Targeted Phishing Scam
The latest victim of malicious phishing campaigns is the LA-based social media firm SnapChat. In an official blog post, SnapChat revealed that a crafty phishing campaign has led to hackers obtaining payroll details of SnapChat employees.
“One of our employees fell for a phishing scam and revealed some payroll information about our employees,” the company informed.
The stolen information includes crucially important details like bank account info, salaries and pay scale and the all-important social security numbers. The company had some good news for its employees:
“The good news is that our servers were not breached, and our users’ data was totally unaffected by this.” However, there was some bad news as well: “The bad news is that a number of our employees have now had their identity compromised. And for that, we’re just impossibly sorry.”
Good news is that users’ data was not stolen
SnapChat also explained that the FBI has been reported about this incident already and that the company has planned to “redouble our already rigorous training programs around privacy and security in the coming weeks. Our hope is that we never have to write a blog post like this again.”
SnapChat hasn’t been victimized for the first time because the first time it received a phishing scam was in 2015 when hackers posted more than five million user names online. Again in 2014, more than 200,000 user photos were leaked because of insecure third-party apps.
The company though admitted that sensitive information of its employees was accessed by the hackers. The hack attack became successful when one of the staff members at SnapChat got deceived by a phishing email that appeared to be sent by the CEO and co-founder of SnapChat, Evan Spiegel.
In the same blog post, SnapChat revealed that the company “takes privacy and security seriously.”
But how this attack was conducted?
It is unclear whether this incident was caused by an individual hacker or a group of hackers. However, it is clear that the ever-so-popular social engineering method of phishing was used to access this information. The hacker used the name of the company’s CEO Evan Spiegel and sent an email in which Siegel presumably asked for access to employee payroll information.
The company refers to this incident as an “isolated incident” and states that it will ensure that this never happens again.
This is not the first time when SnapChat is in the news for wrong reasons. In the past, the company’s terms and conditions revealed how it will save your name, photos and voices and use them anywhere in the world. The firm also came under criticism when hackers stole 4.6 million usernames and passwords of SnapChat users and published them online in 2014.