Sorenson Communications, which provides communications products and services for deaf and hard-of-hearing people, recently began notifying all of its U.S. employees that their personal information may have been exposed when the company's third-party payroll vendor was breached.
The company determined on March 7, 2014 that its account with the unnamed vendor had been hit by a series of malicious attacks between February 20 and March 3, 2014.
The attackers successfully accessed the personal information of all U.S. employees as well as their beneficiaries, dependents and emergency contacts, including names, birthdates, addresses, income history, Social Security numbers, W-2 information and emergency contact data.
"Since learning of the data theft, Sorenson has implemented additional levels of security," company vice president of human resources Joe Tate wrote in the notification letter [PDF]. "We are taking every step necessary to address employee concerns and to provide employees and all those affected with credit and identity theft protection through Experian Corporation, one of the three major U.S. credit reporting and protection companies."