Immigration law firm Fragomen, Del Rey, Bernsen & Loewy has disclosed a data breach that compromised personal identifiable information of current and former Google employees.
In a notice filed with the California Attorney General’s Office, the New York-based law firm claimed an unauthorized individual accessed a file containing information relating to I-9 employment information on a “limited number” of Google employees.
“We recently became aware of suspicious activity within our computer network,” the notice reads. “While our investigation is ongoing, we discovered that an unauthorized third party gained access to a single file containing personal information relating to I-9 employment verification services. This file contained personal information for a discrete number of Googlers (and former Googlers), including you.”
The company did not say how many employees were affected or what type of information was accessed. However, Form I-9 is used to verify the identity and employment authorization of individuals working in the US, and can include an employee’s name, address, date of birth, email address, phone number, Social Security number, passport number and driver’s license data.
Since the information is highly sensitive, current and ex-employees could suffer attacks such as identity theft and fraud.
Although, Fragomen said it will provide a free 12-month credit monitoring subscription to all affected Google employees, victims should start checking their credit reports for fraud.
As with any data breach, it’s advised to closely monitor Inboxes for unsolicited correspondence, and look out particularly for spear-phishing emails appearing to come from Fragomen, Google or the US government.