SELMA, AL (WSFA) - An undisclosed number of current and former Wallace Community College Selma employees are being notified that their sensitive, personal information may have been stolen in a cyber "spoofing" attack on the college.
WCCS officials directed questions regarding the incident to attorneys at the law firm of Mullen Coughlin LLC, which specializes in cybersecurity and data privacy.
Attorney Alex Walker confirmed WCCS was working to mitigate damage caused after it became the victim of a Feb. 5 cyber attack in which a request for certain employee W-2 information was made to university officials with what appeared to be a legitimate email account.
The W-2 information was shared by the college, which discovered the request was fraudulent two days later on Feb. 7.
"Since becoming aware of this issue, the College has been working tirelessly to investigate, notify affected individuals, law enforcement and tax authorities," Walker said, "and to mitigate the impact of the attack on affected individuals by offering credit monitoring and identity protection services and other resources."
Walker said the number of people affected by the attack isn't being disclosed for confidentiality reasons.
W-2s contain information including a person's full name, address, social security number, and tax ID information, which could be used to file a fraudulent tax return.
It's not clear who stole the data or if any fraudulent activity has been conducted as a result. The investigation is ongoing.