Past and present employees of General Electric (GE) are learning that their sensitive information has been exposed by a data breach at a third-party service provider.
Fortune 500 company GE says it was recently informed of a security breach at one of its partners, Canon Business Process Services. According to GE, between approximately February 3 – 14, 2020, an unauthorized party managed to gain access to a Canon email account that contained sensitive information on current and former employees, as well as beneficiaries. What the hackers managed to access was effectively a treasure trove of information which could be sold on underground forums to other criminals and fraudsters, or used to target individuals with convincing scam emails and phishing attacks. Information about GE employees gained by the hack of the Canon email account included :
- direct deposit forms
- driver’s licenses
- passports
- birth certificates
- marriage certificates
- death certificates
- medical child support orders
- tax withholding forms
- beneficiary designation forms
- applications for benefits such as retirement, severance and death benefits with related forms and documents