Oregon's SAIF Corp. exposed names and Social Security numbers of 1,751 employees from six of the carrier's policyholders to an unauthorized third party in the latest data breach to hit the workers' compensation industry.
The breach occurred Nov. 3 when a third party illegally accessed the email account of a SAIF premium auditor via a phishing attack, a scam in which criminals send emails that appear to be from a legitimate source.
The auditor's emails contained confidential information, including the names and Social Security numbers of employees from a half-dozen policy...
Comments