Employees sue Seagate over HR department's private data leak

After falling victim to a phishing scam in March, Seagate is now being sued by its own employees whose sensitive data was exposed in the leak.

The company's HR department was tricked into providing the operators of the phishing scheme with the personally identifiable information (PII) of 10,000 past and current employees and W-2 forms that include their Social Security numbers along with their wage, salary and tax information.

Additionally, any spouse or beneficiary named in the W-2 documents likely had their personal information stolen as well. With this wealth of personal information, a scammer could easily commit identity fraud and those affected by the Seagate data leak will have a heightened risk of identity theft for the rest of their lives. Some of the company's employees had already become victims of identity theft just three days after the phishing scam occurred.

The still unknown perpetrators were able to gain access to Seagate's employee information through a human error by pretending to be the company's CEO Stephen Luczo. A request for the 2015 W-2 forms was made via email and the documents were sent to the scammers who immediately began to file fraudulent federal and state tax returns using employee information.

The lawsuit against Seagate is requesting a trial by jury and for the affected employees to be re-compensated for any damages that occurred as a result of identity theft. The company however has disputed the claims against it and wants the lawsuit dismissed.

Published under license from ITProPortal.com, a Future plc Publication. All rights reserved.