W-2 information stolen.
A lot of domain names have been stolen when domain name registrar customers have been duped by phishing emails. Now a registrar itself has fallen victim to a phishing attack.
As reported on GeekWire earlier today, someone at domain name registrar eNom fell victim to a phishing attack. The perpetrators stole W-2 information for its US-based employees. W-2s include names, addresses, social security numbers and earnings information.
Given the timing of the attack and the information stolen, it wouldn’t be surprising if the thieves use the information to file false tax returns. A common scam is for people to file false tax returns in order to claim refunds.
Rightside is working with the FBI, IRS and local police to investigate the matter.