Immigration law firm Fragomen, Del Rey, Bernsen & Loewy, LLP has revealed a data breach that exposed current and former Google employees ‘ personal details.
Fragomen, with over 582 lawyers in 47 locations worldwide, is one of the largest law firms in the USA handling immigration law.
In a “Notice of Data Breach” sent to Googlers affected by the breach, Fragomen states that they are responsible for supplying Google with I-9 work verification services.
The law firm recently discovered that their network was hacked, according to the notice, and the hacker accessed a file containing personal information from Googler.
“We recently became aware of suspicious activity within our computer network. While our investigation is ongoing, we discovered that an unauthorized third party gained access to a single file containing personal information relating to I-9 employment verification services. This file contained personal information for a discrete number of Googlers (and former Googlers), including you,” the data breach notification stated.
To declare their citizenship and fitness to work in the United States, a Form I-9 must be filled out by all US employees.
This form includes information that may include the full name of an employee, mailing address , date of birth, email address , phone number, social security number, passport numbers, and other identifiers for immigration.
As this information is very sensitive and can be used by malicious actors for identity theft or other malicious activity, any Googlers affected should be on the lookout for spear-phishing attempts or fraudulent activity on their credit reports.
Fragomen is giving all impacted Googlers one year of free credit monitoring.
Both Google and Fragomen have been contacted with questions regarding the amount of people affected and how the attack happened, but have not heard back.