On April 16, 2020, Applications Software Technology LLC (AST) announced a data breach involving confidential employee payroll information. The Illinois-based IT service provider is sending notices to affected parties to inform them of the data exposure.
On or about March 9, 2020, an unauthorized party accessed a previously compromised employee email address. The attacker set up rules on the hacked email account to divert employees’ 2019 W-2 wage and tax statements to their own email account. It is unknown how many of AST’s nearly 1,200 employees were affected.
The exposed information includes:
This data is now at risk for sale on the dark web. W-2 information has been known to be used for submission of fraudulent tax returns to the IRS to access victims’ tax refunds.
AST is offering one year of identity theft prevention and mitigation services at no cost to employees. The company recommends that victims be alert for incidents of fraud and identity theft and report any suspicious activity on accounts.
AST claims that they have scanned their systems to locate and clean malware infections and have implemented two-factor authentication protection on the email accounts of all employees. The company is conducting a vulnerability assessment to identify further mitigations, fixes, and improvements.
AST claims the security incident did not affect any customer data.
Founded in 1995, AST provides system integration services for nearly 400 public and commercial sector clients around the world with revenues in excess of an estimated $50 million.
If you were employed by Applications Software Technology (AST) in 2019 and have received a NOTICE OF DATA BREACH, contact the Arnold Law Firm at (916) 777-7777 to discuss your situation and possible legal options.