Snapchat employee payroll data leaked
Snapchat admits it was hoaxed by popular phishing email, but insists no user data was breached
Video messaging platform, Snapchat, confirmed a phishing attack tricked a HR employee into sending payroll information about current and former Snapchat employees.
The mobile app network admitted that an attacker pretended to be Snapchat's CEO Evan Spiegal and requested employees' payroll information, to which an employee, who was unaware of the hoax, granted the attackers request.
In a blog post, Snapchat said:
"It's with real remorse-and embarrassment-that one of our employees fell for a phishing scam and revealed some payroll information about our employees. The good news is that our servers were not breached, and our users' data was totally unaffected by this. The bad news is that a number of our employees have now had their identity compromised. And for that, we're just impossibly sorry."
Snapchat said it took action within four hours and confirmed it was an isolated phishing incident and it was also reported to the FBI. The company also plans to offer two years of free-identity insurance and monitoring to employees affected by the leak. It will also "rigorously" enhance training programs around privacy and security in the coming weeks.
This, however, is not the first time Snapchat has faced a cyber-attack, in 2014 more than 4m of its users had their usernames and phone numbers leaked online. Hackers, said at the time, the company was not taking system vulnerability seriously.
Typically, Snapchat enables users to send videos and pictures, both of which will automatically self-destruct after they have been viewed. Snapchat was launched in 2011 and is currently valued at $16bn with more than 100m daily active users.