“AST LLC” Announces Data Breach and Circulates Notices to Employees

  • “AST LLC” has suffered a data breach after an unknown attacker accessed employee 2019 W-2 forms.
  • The cloud and digital transformation service provider is now covering the exposed employees with 12 months of identity theft protection.
  • W-2 forms contain very sensitive information like full names, home addresses, tax details, and employer information.

“AST LLC” has announced a data breach and is now sending notices to its employees to inform them that they have been compromised. The incident occurred on March 9, 2020, when someone managed to access employee payroll information by using a previously compromised email employee address. In fact, the infiltrator set up rules that diverted the messages received by the employee to the hacker’s address, so the realization of the breach wasn’t immediate. The information that was accessed by the unknown party involves the employees’ 2019 W-2 wage and tax statements.

AST is an enterprise systems services provider and integrator that has clients in both the public and commercial sectors, but the particular security incident hasn’t affected the data of any of its customers. The company has already scanned its systems thoroughly to locate and clean any malware infections and has now implemented two-factor authentication protection on the email accounts of all its employees. Moreover, they have contracted “CORE BTS” to help them conduct a full vulnerability assessment and recommend mitigations, fixes, and improvements.

As for the affected personnel, they will receive a 12-month free identity theft prevention service from “LifeLock Defender.” All that the compromised individuals need to do now in order to register is to call “800-899-0180.” Still, the affected people should be careful with how they handle and respond to unsolicited communication, phishing, or scamming attempts reaching them via SMS or email. If something suspicious comes to your attention, make sure to report it immediately to the relevant service of the Federal Trade Commission (FTC) by calling “877-438-4338.” Those who feel uncomfortable or notice an activity they can’t recognize on their credit report are advised to place a security freeze on their bank accounts too.

The information that is contained in W-2 forms includes the person’s name, address, ZIP code, wages, social security details, tax details, the employer identification number (EIN), control number, employer name, and other information. That said, the actors managed to get their hands on very sensitive data. From now on, this data may be used by the network infiltrators or sold to others on the dark web. It means the exploitation and targeting of potential victims may not happen right now but in months and even years after the initial incident. It is nice to have 12 months of identity theft protection services, but you should remain vigilant after this period ends.

REVIEW OVERVIEW

Recent Articles

Xiaomi Looking to Deploy Massive Upgrades on the MIUI 12 Camera App

Xiaomi wants to make the MIUI 12 Camera app as exciting as it can be, and is experimenting with a set of new...

Cerberus Was Found Lurking on the Google Play Store

The Cerberus app wore the sheepskin of a Spanish currency converter app and entered the Play Store. The app followed the tactic...

The “Music Mission” Anti-Piracy Campaign Makes Stunning Revelations

The “Music Mission” has released its first findings around pirating platforms, and the size of some is startling. What is more alarming...

The Vast Majority of Home Routers Are Vulnerable in One Way or Another

Many router models that are sold in Europe are vulnerable to exploitation using known flaws. Most vendors are using unsafe securing methods,...

H.266/VVC Codec Officially Announced – Bringing Higher Quality Video While Drastically Reducing Data Consumption

Currently, the H.265 HEVC is the most popular video codec in consumer devices, processing over 90% of video bits on the global level. ...