Cyber Incident Victim: Global Communications, Inc.

Date: Feb 2016

Location: United States of America

Summary

A phishing attack compromised employee tax information at a telecommunications company when a third party impersonated an executive via email to obtain W-2 forms. The payroll department initially questioned the fraudulent request but ultimately disclosed sensitive data, including Social Security numbers, addresses, income details, and tax withholdings for over 2,500 current and former staff. The breach did not affect customer data or internal IT systems. Upon discovery, the company notified law enforcement and initiated an investigation while providing affected individuals with credit monitoring, identity theft counseling, and insurance. Management confirmed the incident resulted from employee deception rather than malicious intent and reinforced existing phishing awareness training programs.

Description

On February 24, 2016, a third party successfully obtained 2015 W-2 tax forms for all employees of Alaska telecommunications company GCI and its subsidiaries Denali Media, UUI, and Unicom through a targeted email phishing attack. The attacker impersonated GCI Chief Financial Officer Pete Pounds in communications with the company's payroll department, initially requesting employee payroll information and specifically demanding W-2 forms for all personnel who worked at GCI during 2015. Although the payroll department employee who received the fraudulent email recognized the request as unusual and questioned it, the attacker persisted in subsequent communications. Ultimately, the employee complied by emailing the sensitive documents to the unauthorized third party. The compromised data included names, addresses, Social Security numbers, income details, and tax withholding information for more than 2,500 current and former employees.

GCI management discovered the breach on March 3, 2016, and immediately notified the FBI while launching an internal investigation. Executive Vice President Greg Chapados informed affected employees via email on March 4, confirming no customer information was exposed and emphasizing that corporate IT systems and networks remained uncompromised. The company implemented remedial measures including two years of credit monitoring, identity theft counseling services, and identity theft insurance for impacted personnel. GCI advised employees to notify the IRS about the W-2 compromise and reiterated its existing phishing awareness training programs. Company spokesman David Morris clarified that the payroll employee involved had not been terminated, stating the disclosure resulted from insufficient phishing recognition rather than malicious intent. The investigation remained ongoing with no identified perpetrators at the time of public disclosure.
