This morning the headlines shouted out about another Business
Email Compromise (BEC) attack. It seems that an employee of the professional basketball team, the Milwaukee Bucks, received a seemingly legitimate email message from a spoofed email address. The email requested W2 records for the teams players and staff, and the targeted employee fell for the scam and released the information.
The fallout was immediate and intense.
“The communication received on this major security breach is unacceptable,” an agent for a Bucks player told The Vertical. “The players need to know the exact measures being taken by the Bucks and the FBI to ensure each and every player’s identity and financial information will not be compromised. There needs to be accountability for such a mistake, details on the steps taken to rectify it and a process put in place to make sure this never happens again.”