Snapchat executives have revealed that payroll data of a few current and former employees was leaked due to a scam e-mail sent to a human resources employee at the company.
In a blog post, the company explained the author of the scam e-mail pretended to be CEO Evan Spiegel while asking for employees’ payroll information.
The payroll specialist to whom the email was sent — not realising it was a scam — sent over current and former employees’ payroll information.
“The good news is that our servers were not breached, and our users’ data was totally unaffected by this,” Snapchat explained in its blog post.
“The bad news is that a number of our employees have now had their identity compromised. And for that, we’re just impossibly sorry.”
The company revealed that within four hours of the incident, it confirmed that the phishing attack was an isolated incident and reported it to the FBI.
After sorting through which employees–current and past–may have been affected, Snapchat has since contacted the affected employees and have offered them two years of free identity-theft insurance and monitoring.
“When something like this happens, all you can do is own up to your mistake, take care of the people affected, and learn from what went wrong. To make good on that last point, we will redouble our already rigorous training programs around privacy and security in the coming weeks,” the company concluded in its post.