Author Topic: Google employees personal info exposed in law firm data breach  (Read 40 times)

Online javajolt

  • Administrator
  • Hero Member
  • *****
  • Posts: 35125
  • Gender: Male
  • I Do Windows
    • windows10newsinfo.com
Google employees personal info exposed in law firm data breach
« on: October 28, 2020, 11:56:00 AM »
Immigration law firm Fragomen, Del Rey, Bernsen & Loewy, LLP has disclosed a data breach that exposed current and former Google employees' personal information.

Fragomen is one of the USA's largest law firms covering immigration law, with over 582 attorneys in 47 locations worldwide.

Data breach exposes US employment forms

In a "Notice of Data Breach" sent to Googlers impacted by the breach, Fragomen states that they are responsible for providing I-9 employment verification services to Google.

According to the notification, the law firm recently learned that their network was compromised, and the hacker accessed a file containing Googler's personal information.

"We recently became aware of suspicious activity within our computer network. While our investigation is ongoing, we discovered that an unauthorized third party gained access to a single file containing personal information relating to I-9 employment verification services. This file contained personal information for a discrete number of Googlers (and former Googlers), including you," the data breach notification stated.

A Form I-9 must be filled out by all US employees to declare their citizenship and eligibility to work in the United States.

This form contains information that could include an employee's full name, mailing address, date of birth, email address, phone number, social security number, passport numbers, and other immigration identifiers.

As this information is very sensitive and can be used by malicious actors for identity theft or other malicious activity, any Googlers affected should be on the lookout for spear-phishing attempts or fraudulent activity on their credit reports.

Fragomen is offering one year of free credit monitoring to all affected Googlers.

BleepingComputer has contacted both Google and Fragomen with questions on the number of people affected and how the attack occurred but has not heard back.

source