Cyber Incident Victim: Mansueto Ventures

Mansueto Ventures, publisher of Inc. and Fast Company magazines, experienced a significant data breach compromising employee wage information and Social Security numbers. The breach was disclosed on March 4, 2016, after hackers exploited the stolen data to file fraudulent federal and state tax returns in employees' names. Multiple staff members confirmed unauthorized tax filings using their Social Security numbers, with one employee describing active efforts to resolve fraudulent state-local filings. Employees expressed frustration at having to expend personal time and resources to address identity theft consequences. Several criticized the company's cybersecurity measures, particularly noting that sensitive employee data had been stored unencrypted—a point of irony given the publications' focus on business best practices.

The company's Chief Financial Officer, Mark Rosenberg, assumed responsibility for notifying affected employees about the breach. Concerns among staff extended beyond tax fraud to potential compromises of 401(k) retirement accounts and credit card information. An internal company estimate suggested fraudulent tax filings had occurred using 90% of compromised employee identities, though Mansueto Ventures did not publicly verify this claim. The organization, founded by billionaire Joe Mansueto, confirmed the breach to authorities and engaged law enforcement. Officials stated customer, client, and subscriber data remained unaffected by the intrusion. No technical details regarding the breach methodology, detection timeline, or containment procedures were disclosed in public statements.