Data Breach at Immigration Law Firm
| Data Breach at Immigration Law Firm | |
|---|---|
| Short Title | Personal Information of Google Employees Compromised in Data Breach at Immigration Law Firm |
| Location | United States |
| Date | November 2020 |
| Solove Harm | Insecurity, Interrogation |
| Information | Identifying, Contact, Demographic, Professional |
| Threat Actors | Unauthorised third party, Fragomen Del Rey Bernsen and Loewy law firm |
| Individuals | |
| Affected | Current and former Google employees |
| High Risk Groups | |
| Tangible Harms | |
New York-based law firm has experienced a data breach that compromised personal information of current and former Google employees.
Description
Immigration law firm Fragomen, Del Rey, Bernsen & Loewy claimed that an unauthorised individual accessed a file containing information relating to I-9 employment information on a “limited number” of Google employees.
Form I-9 is used to verify the identity and employment authorization of individuals working in the US, and can include an employee’s name, address, date of birth, email address, phone number, Social Security number, passport number and driver’s license data.
An unauthorized third party gained access to a single file containing personal information relating to I-9 employment verification services. This file contained personal information for a discrete number of Googlers (and former Googlers). The actions of this unauthorised third party can be seen as Interrogation of law firms files for personal information about Google employees.
The firm’s carelessness in protecting those files against the unauthorised access is [Insecurity]].
Breakdown
Threat: Unauthorised third party probing law firm’s files for personal informaiton
At-Risk group: Current and former Google employees
Harm: Interrogation
Secondary Consequences: not known
Threat:Law firm not protecting personal information from unauthorised access
At-Risk group: Current and former Google employees
Harm: Insecurity
Secondary Consequences: not known