A phisher’s treasure chest of personally identifiable information (PII) for General Electric employees has been exposed – thanks to the compromise of one of the company’s partners, Canon Business Process Services. In a data-breach notice filed with the State of California, General Electric (GE) noted that it contracts with Canon to process various documents related to human resources matters. The impact of the breach effects current and former GE employees and beneficiaries entitled to benefits, the conglomerate said. The documents were uploaded directly to Canon’s systems. GE said that a security incident at Canon in February exposed a wide-ranging number of sensitive HR-related documents. These include divorce, death and marriage certificates; benefits information (beneficiary designation forms and applications for benefits such as retirement, severance and death benefits); and even medical child support orders. Other hacked info includes direct-deposit forms, driver’s licenses, passports, tax withholding forms, names, addresses, Social Security numbers, bank-account numbers, dates of birth and other information. It’s a jackpot for an attacker. The information could be sold in underground criminal forums, or used to craft highly convincing phishing and scam emails, or used to carry out identity theft and fraud. GE was notified on February 28 that Canon had suffered the breach. According to the disclosure notice, between February 3 and 14, an unauthorized adversary was…
0 0 govanguard https://govanguard.com/wp-content/uploads/2018/04/Header_Logo.png govanguard2020-03-25 11:38:002020-03-25 11:38:00GE Employees Lit Up with Sensitive Doc Breach
Our Standard Office Hours
Monday – Friday: 8:00AM – 5:00PM EDT
Saturday – Sunday: Closed
Where to Find Us
Data Privacy Notice
- – All product names, logos, and brands are property of their respective owners.
- – The use of these names, logos, and brands is for identification purposes only and does not imply endorsement.
- – Content syndication and aggregation of public information is solely for the purpose of identifying information security trends, all syndicated content contains source links to the content creator website. All content is owned by it’s respective content creators.
- – If you are an owner of some content and want it to be removed, please email email@example.com