#Open journalism No news is bad news

Your contributions will help us continue to deliver the stories that are important to you

Support The Journal
Dublin: 5°C Monday 30 November 2020
Advertisement

Snapchat employee sent personal details to scammer they thought was their boss

The company said that no user information was revealed because of the incident.

Image: Edward Smith/EMPICS Entertainment

SNAPCHAT HAS APOLOGISED to its employees after a phishing scam revealed personal information about some of them.

The company said that user data was not compromised and its servers weren’t breached. However, some payroll information concerning its employees were revealed.

“We’re a company that takes privacy and security seriously. So it’s with real remorse – and embarrassment - that one of our employees fell for a phishing scam and revealed some payroll information about our employees,” said Snapchat in a blog post.

The bad news is that a number of our employees have now had their identity compromised. And for that, we’re just impossibly sorry.

A phishing scam normally sees someone impersonate a person or organisation, asking people to update personal information like passwords, credit card details or bank account numbers.

They are usually directed to a site where they’re asked to enter in details where they’re collected and used for nefarious purposes.

The LA Times says that one of the company’s payroll employees ended up sending information to a person pretending to be its CEO and co-founder Evan Spiegel.

When the employee realised the mistake, they emailed Spiegel who didn’t recognise the email. After it was confirmed to be an isolated incident, the FBI was contacted and are now investigating the incident.

#Open journalism No news is bad news Support The Journal

Your contributions will help us continue to deliver the stories that are important to you

Support us now

Snapchat CEO Employee details were revealed after someone pretended to be CEO Evan Spiegel. Source: AP Photo/Jae C. Hong

The company said that it has contacted those who have been affected, both current and past employees, and offered them two years of free identity-theft insurance and monitoring.

The app, which sees its users view more than 7 billion videos per day, has not been affected by the incident but the company said it’s “redoubling its already rigorous training” around privacy and security in the coming weeks.

When something like this happens, all you can do is own up to your mistake, take good care of the people affected, and learn from what went wrong… Our hope is that we never have to write a blog post like this again.

Phishing is one of the most popular methods of obtaining data about companies and employees. A recent report from RSA Insurance Ireland found that phishing attacks were responsible for 70% of security incidents in businesses.

Read: Apple changed its site’s code so ‘click’ wouldn’t look like something else >

Read: Microsoft gives up on its ambitious plan to bring Android apps to Windows >

About the author:

Quinton O'Reilly

Read next:

COMMENTS (2)