Cyber Incident Victim: Solano Community College
Date:
Apr 2016
Location:
United States of America
Summary
Solano Community College experienced a spearphishing attack that compromised W-2 data for approximately 1,200 current and former employees, exposing sensitive information including Social Security Numbers, names, and detailed wage and benefits data such as tax withholdings, retirement contributions, and healthcare deductions. The institution detected unauthorized access to the payroll records and initiated an investigation with law enforcement, while advising affected individuals to monitor financial accounts, file regulatory complaints, and consider credit freezes to mitigate potential identity theft risks.
| CIA Posture | Motives | Tactics, Techniques & Procedures |
|---|---|---|
| Available to members | 1 motive | 1 technique |
| Threat Actors | Type | Location |
|---|---|---|
| 0 actors | Available to members | Available to members |
Description
On April 28, 2016, Solano Community College in Fairfield, California, discovered it had fallen victim to a spearphishing attack that compromised the W-2 tax information of 1,206 current and former employees. The breach occurred when an unauthorized party successfully impersonated a legitimate source to request sensitive payroll documents. The stolen data included employees' full names, Social Security Numbers, and detailed wage and statutory benefits information such as federal and state tax withholdings, FICA contributions, Medicare deductions, dependent care allocations, and retirement plan contributions under sections 403(b) and 457(b). The college confirmed the request for W-2 forms originated from a fraudulent source, though the exact timeframe between the initial phishing attempt and detection wasn't disclosed. This incident exposed highly sensitive personal and financial data capable of facilitating identity theft, tax fraud, and financial exploitation of affected individuals.
Upon identifying the breach, Solano Community College immediately engaged the Solano County Sheriff's Office Computer Crime Task Force to investigate the incident in collaboration with the institution's IT department. Administrators directly notified all impacted current and former employees, advising them to monitor their financial accounts closely for suspicious activity. The notification explicitly recommended victims file complaints with the Federal Trade Commission and consider placing credit freezes on their accounts as protective measures. In its communications, the college emphasized the seriousness of the breach, stating, "We are notifying you so you can take action along with our efforts to minimize or eliminate potential harm," while urging prompt personal vigilance against potential misuse of their information. The response focused on containment through law enforcement coordination and victim assistance rather than public disclosure of technical details regarding the phishing mechanism or system vulnerabilities exploited.