Publishing company Mansueto Ventures was targeted by internet criminals in an email scam similar to those used against companies such as Snapchat and Seagate.
Mansueto Ventures, which publishes Fast Company and Inc., has not revealed specific information about the attack in public, but Business Insider obtained an internal email that reveals that the company was the subject of a “phishing” attack. Mansueto confirmed the attack to Business Insider in a statement we have published in full, below.
Sensitive information about current and former Fast Company and Inc. employees was leaked in the attack, and the company is in the process of contacting them to inform them.
An email sent to current Mansueto Ventures employees on February 26 disclosed some details about exactly how hackers were able to obtain information on employees:
At @ 8:45am EST this morning, in response to a spoof email, company information was released to a malicious email address. The information released includes (and was limited to) the names, addresses, social security numbers and wage data of 2015 Mansueto Ventures staff.
The virus earlier this week was likely a ransomware attack, where outside code penetrated our network and encrypted several data files therein.
We don’t know if the two attacks are directly related.
We do know that given the proximity of these two instances, the alert for subsequent attacks is especially high. We’re taking measures on our end to help prevent such attacks, including the tightening of our filters and the engagement of third party investigators, but we ask that in addition, everyone be especially cautious and use common sense on data security matters. Specifically:
- Please don’t let any emails through our spam filter unless they’re from an email you recognise and expect correspondence from;
- If you receive an email from an unknown address with attachments, do NOT download or activate the attachments before confirming their validity;
- If you receive an email requesting you perform a suspect activity (e.g. initiate a payment or wire) and/or provide sensitive information such as passwords or financial data, even from internal staff, please don’t do so until you’ve confirmed the activity offline with both the requestor and your managers.
The scam works because criminals impersonate a senior figure in the company and ask for login details or information. We don’t know who the scammers impersonated in the Mansueto Ventures hack, but in the past scammers have pretended to be Snapchat CEO Evan Spiegel in order to gain access to sensitive data.
Another company targeted by an email phishing scam like this is data storage company Seagate, which was targeted on March 1. It said that a scammer pretended to be an employee and made away with W-2 tax documents on all current and past employees, according to security writer Brian Krebs.
It’s not yet clear whether the email phishing attacks are linked, but these high-profile attacks have all taken place in recent weeks. Snapchat says it was targeted on February 19, Mansueto Ventures says that the phishing emails hit on February 26, and Seagate said that it was targeted on March 1. And those are only the companies that have come forward and made details of the attacks public — it’s possible that more businesses have been hit by the email scam.
Mansueto Ventures sent the following comment to Business Insider about the data breach:
Mansueto Ventures confirms that on Friday, February 26, 2016, some of its payroll data was compromised. The compromised data included the records of Mansueto Ventures employees, but did not include the data of any of its customers, clients, or subscribers.
We have both notified law enforcement authorities of the compromise and retained our own third-party investigators, and are cooperating now in those investigations.
Mansueto Ventures takes the security of its employees very seriously. We are notifying all employees affected by this incident, and are focused now on efforts to mitigate fraudulent use of the data, and to take measures to improve the security of our data going forward.