Current and former Snapchat employees had their identities compromised last week after one of their colleagues fell for a phishing email. The attacker pretended to be CEO Evan Spiegel while asking for employees’ payroll information, according to a company blog post. The payroll specialist — not realizing the email was a scam — sent over current and former employees’ payroll information.
The company didn’t specify what information was sent over, though it feasibly could have been Social Security numbers, addresses, bank details, and other identifiable information. Snapchat hasn’t yet responded to a request for comment about what information was compromised and how many employees were impacted. Today's blog post simply states that no user data was compromised, and Snapchat's servers remain secure. The company reported the incident to the FBI.
This isn’t Snapchat's first experience with a cyberattack. More than 4 million of its users had their usernames and phone numbers leaked online in 2014 after hackers said the company wasn’t taking a system vulnerability seriously enough.