Cyber Incident Victim: LAZ Parking
Date:
Feb 2016
Location:
United States of America
Summary
A parking company experienced a W-2 data compromise affecting approximately 14,000 employees after an employee was deceived by an impersonator posing as an executive into emailing sensitive tax forms. The breach exposed employee information that could enable tax fraud, false loan applications, or employment verification scams. The organization engaged cybersecurity specialists, offered affected individuals two years of identity-theft protection and credit report freezing options, and notified authorities. An expert highlighted that the incident reflected inadequate corporate training regarding email security protocols for handling sensitive data. The company maintained its systems were secure despite the social engineering attack.
| CIA Posture | Motives | Tactics, Techniques & Procedures |
|---|---|---|
| Available to members | 1 motive | 2 techniques |
| Threat Actors | Type | Location |
|---|---|---|
| 0 actors | Available to members | Available to members |
Description
In mid-February 2016, an unknown individual compromised the W-2 tax forms of approximately 14,000 LAZ Parking employees through a phishing scheme targeting company personnel. The attacker impersonated a corporate executive via email and successfully tricked an employee into discluting 2015 W-2 records containing sensitive tax and revenue information. LAZ Parking, the third-largest parking operator in the United States with 1,200 San Diego County employees and operations across 26 states, discovered the breach and publicly disclosed it on March 15, 2016. Company systems remained secure according to spokesperson Mary Coursey, with no evidence of broader network intrusion beyond the fraudulent email exchange. The compromised data exposed employees to identity theft risks, particularly fraudulent tax filings during peak IRS processing season. LAZ immediately engaged cybersecurity specialists to investigate the incident and implement preventive measures against future occurrences, while also notifying law enforcement authorities per standard breach protocols.
The breach carried significant financial implications, as stolen W-2 data enabled criminals to file fraudulent tax returns, secure illegitimate loans, or provide false proof of employment. San Diego State University identity theft expert Murray Jennex emphasized the heightened risk during tax season, noting IRS systems could be overwhelmed by fraudulent filings using the stolen data. LAZ responded by offering affected employees two years of complimentary identity-theft protection services and covering costs for credit report freezes upon request. Corporate communications advised heightened vigilance regarding financial account monitoring, while acknowledging the incident stemmed from insufficient employee training on email security protocols. The company maintained operations across its portfolio of 875,000 parking spaces in major markets including San Diego, Los Angeles, New York City, and Washington D.C., with no reported disruption to parking services. Internal Revenue Service guidelines required LAZ to notify all impacted parties despite the agency's policy against commenting on individual cases, mirroring precautions taken by tax preparation firms like Intuit's TurboTax during similar identity theft surges in 2015.